[Webkit-unassigned] [Bug 36732] sandboxed iframes from same origin should not be granted notification permission of the parent frame unless allow-same-origin is specified
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Mar 28 13:37:54 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=36732
--- Comment #1 from Rafael Weinstein <rafaelw at chromium.org> 2010-03-28 13:37:54 PST ---
Created an attachment (id=51866)
--> (https://bugs.webkit.org/attachment.cgi?id=51866)
html test
This test loads the same document twice as an iframe, once with
sandbox="allow-scripts" and once with sandbox="allow-scripts
allow-same-origin".
If the parent frame is granted notification permission, only the
allow-same-origin iframe should report that it has been granted permission as
well.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list