[Webkit-unassigned] [Bug 93363] New: Blocking a plugin with an invalid type via CSP calls SubframeLoader::requestPlugin at page destruction.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Aug 7 06:20:25 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=93363
Summary: Blocking a plugin with an invalid type via CSP calls
SubframeLoader::requestPlugin at page destruction.
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Plug-ins
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: mkwst at chromium.org
CC: abarth at webkit.org, bauerb at chromium.org
The attached test case passes, but then makes whatever test run next fail (on the Chromium linux port: we didn't try it on Mac).
I walked through this for about an hour and a half with Bernhard, and I'm just confused. The RenderEmbeddedObject renderer is thrown away upon navigation, which makes sense. What doesn't make sense is that it doesn't seem to be the same RenderEmbeddedObject that we mark as unavailable when initially trying to load the plugin.
A workaround is to teach the plugin element about it's blocked reason, moving that test from the renderer, which we apparently can't trust, out to the element, which we can.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list