url() should resolve to an invalid URL
Reported by
rafael_s...@hotmail.com,
Dec 2
|
|||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36 Steps to reproduce the problem: 1. create an html page with the following content: <p style="background-image:url()">no background image</p> 2. point chrome to the page 3. chrome will request the page twice What is the expected behavior? chrome should only request the page once What went wrong? there's a bug where a style command in the page (background-image:url()) will cause chrome to request the page twice. it's akin to a denial of service attack. css styles shouldn't be able to make chrome double server traffic. Did this work before? N/A Chrome version: 70.0.3538.110 Channel: stable OS Version: 10.0 Flash Version: This is a pretty huge bug
,
Dec 3
Thanks for filing the issue... Tried to reproduce the issue on reported chrome version 70.0.3538.110 using Windows 10. Attaching screen-cast for reference. Steps: ------ 1. Launched reported chrome 2. Created html using given code and opened in chrome 3. Opened Dev tools>> Network As we have seen 2 html requests @Reporter: Could you please check the attached screen cast and let us know if anything missed from our end and verify this issue on chrome beta 71.0.3578.75, you can download latest chrome builds here:" https://www.chromium.org/getting-involved/dev-channel ". Let us know whether issue still persists. Thanks.!
,
Dec 3
This is supported by a (fairly recent) change to make url() (an empty url) resolve to an invalid URL: https://drafts.csswg.org/css-values/#url-empty There is an existing WPT for this although it test the opposite... it however references the spec issue with the resolution. |
|||
►
Sign in to add a comment |
|||
Comment 1 by swarnasree.mukkala@chromium.org
, Dec 3