[Webkit-unassigned] [Bug 63263] New: Sandboxed iframe allows links to open in new window using target='_blank'

Thu Jun 23 10:08:23 PDT 2011

https://bugs.webkit.org/show_bug.cgi?id=63263

           Summary: Sandboxed iframe allows links to open in new window
                    using target='_blank'
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Windows XP
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: Frames
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: shane at eznettools.com

Created an attachment (id=98364)
 --> (https://bugs.webkit.org/attachment.cgi?id=98364&action=review)
Test Case

The attached test case shows that a link with a target='_blank' is allowed to open a new window from within an sandboxed iframe. As I read the spec, this should not be allowed. I'm working on an kiosk application that needs to prevent the content in the sandboxed iframe from being able to open new windows or tabs.

The link that uses javascript to open the new window works as expected.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.