YouTube embed code in HTML page throws console error on Google chrome
Reported by
randeep...@gmail.com,
Mar 20 2018
|
||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.162 Safari/537.36 Steps to reproduce the problem: 1. Copy YouTube embed code from YouTube. 2. Paste the code into a static HTML page. 3. Open the HTML page in Google Chrome and check the console. What is the expected behavior? No Console error. What went wrong? If we use the YouTube embed code in our page, we are also getting the same error on our web page. Did this work before? N/A Chrome version: 65.0.3325.162 Channel: stable OS Version: 6.1 (Windows 7, Windows Server 2008 R2) Flash Version: This issue occurs only with Google Chrome.
,
Mar 22 2018
Able to reproduce this issue on reported version 65.0.3325.162, on latest stable 65.0.3325.181 and on latest beta 66.0.3359.45 using Windows 10, Mac 10.13.3 and Ubuntu 14.04. But issue is not seen on latest canary 67.0.3377.0. Hence providing reverse bisect info. Last Bad Build: 67.0.3362.0 First Good Build: 67.0.3364.0 You are probably looking for a change made after 541172 (known good), but no later than 541173 (first known bad). CHANGELOG URL: https://chromium.googlesource.com/chromium/src/+log/ab5c06e68fe24e55572a69374b36b1d7fd83c4c5..71f7b2b768f7edafdd46553e0c42376ddc96f117 Probably fixed by https://chromium-review.googlesource.com/949046 @ mkwst: Please confirm the bug and help in re-assigning to appropriate owner if it is not related to your change. Please merge the fix to M-65 and M-66 if it is safe. Adding RB-Stable for M-65. Please remove if not the case. Thanks!
,
Mar 22 2018
Requesting merge of https://chromium-review.googlesource.com/949046 to 66. I don't think it's worth merging to 65.
,
Mar 22 2018
This bug requires manual review: M66 has already been promoted to the beta branch, so this requires manual review Please contact the milestone owner if you have questions. Owners: cmasso@(Android), cmasso@(iOS), josafat@(ChromeOS), abdulsyed@(Desktop) For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Mar 22 2018
Thank you mkwst@. We won't consider this as a blocker for M65 further rollout based on comment #3.
,
Mar 23 2018
Can we target this for M67?
,
Mar 23 2018
I'd suggest that the patch is safe enough to target 66. It's tiny (three lines modified, three removed, plus test modifications) It's been in for two-and-a-half weeks, and this is the third or fourth report I've seen. Given the prevalence of YouTube embeds, I'd like to get the message off folks' consoles to stop worrying developers.
,
Mar 23 2018
Approving merge to M66. Branch:3359
,
Mar 26 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/a6c614be7313e8428f01f08d05a7ef3f59992c95 commit a6c614be7313e8428f01f08d05a7ef3f59992c95 Author: Mike West <mkwst@chromium.org> Date: Mon Mar 26 08:17:48 2018 Restore cross-origin reporting to the XSS Auditor. TBR=mkwst@chromium.org (cherry picked from commit 71f7b2b768f7edafdd46553e0c42376ddc96f117) Bug: 811440 , 823624 Change-Id: I51253d721b30255f8270eacb67d5bcf629f90da1 Reviewed-on: https://chromium-review.googlesource.com/949046 Commit-Queue: Mike West <mkwst@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Cr-Original-Commit-Position: refs/heads/master@{#541173} Reviewed-on: https://chromium-review.googlesource.com/979654 Reviewed-by: Mike West <mkwst@chromium.org> Cr-Commit-Position: refs/branch-heads/3359@{#422} Cr-Branched-From: 66afc5e5d10127546cc4b98b9117aff588b5e66b-refs/heads/master@{#540276} [modify] https://crrev.com/a6c614be7313e8428f01f08d05a7ef3f59992c95/third_party/WebKit/LayoutTests/http/tests/security/xssAuditor/report-script-tag-cross-origin-expected.txt [modify] https://crrev.com/a6c614be7313e8428f01f08d05a7ef3f59992c95/third_party/WebKit/LayoutTests/http/tests/security/xssAuditor/report-script-tag-cross-origin-https-expected.txt [modify] https://crrev.com/a6c614be7313e8428f01f08d05a7ef3f59992c95/third_party/WebKit/LayoutTests/http/tests/security/xssAuditor/report-script-tag-cross-origin-https.html [modify] https://crrev.com/a6c614be7313e8428f01f08d05a7ef3f59992c95/third_party/WebKit/Source/core/html/parser/XSSAuditor.cpp
,
Mar 26 2018
Thank you. Merged to 66 in https://chromium-review.googlesource.com/c/chromium/src/+/979654. Closing this out. |
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by susan.boorgula@chromium.org
, Mar 20 2018