[Webkit-unassigned] [Bug 44420] New: Bogus JS security exception when accessing an object from another frame

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Aug 23 07:04:03 PDT 2010


https://bugs.webkit.org/show_bug.cgi?id=44420

           Summary: Bogus JS security exception when accessing an object
                    from another frame
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Windows Vista
            Status: UNCONFIRMED
          Severity: Blocker
          Priority: P2
         Component: WebCore JavaScript
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: koszalekopalek at interia.pl


Created an attachment (id=65112)
 --> (https://bugs.webkit.org/attachment.cgi?id=65112)
frameset + .js to demonstrate the problem

Unpack the attachment and load file index.htm from a local drive.
Webkit will produce a bogus security exception: Unsafe JavaScript attempt to access frame with URL ...... from frame with URL ...... Domains, protocols and ports must match.


Both files are stored locally, in the same directory.
The problem disappears when the files are loaded from a web server (rather than a local drive).
Due to this problem, JS applications using frames (think a HELP system (TOC in the left frame, content in the right frame)) break completely when accessed from a local drive.


The problem can be reproduced both in Safari (5.0(7433.16)) and Google Chrome (5.0.375.127).
Non-webkit based browsers (including ancient versions of Konqueror/KHTML) work fine. 
(I.e. they change the text in the left frame to: "OK - Innner HTML updated successfully.")


Please fix. 
If you are aware of a possible work-around in JS, please post.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.



More information about the webkit-unassigned mailing list