[Webkit-unassigned] [Bug 93363] New: Blocking a plugin with an invalid type via CSP calls SubframeLoader::requestPlugin at page destruction.

Tue Aug 7 06:20:25 PDT 2012

https://bugs.webkit.org/show_bug.cgi?id=93363

           Summary: Blocking a plugin with an invalid type via CSP calls
                    SubframeLoader::requestPlugin at page destruction.
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Plug-ins
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: mkwst at chromium.org
                CC: abarth at webkit.org, bauerb at chromium.org

The attached test case passes, but then makes whatever test run next fail (on the Chromium linux port: we didn't try it on Mac).

I walked through this for about an hour and a half with Bernhard, and I'm just confused. The RenderEmbeddedObject renderer is thrown away upon navigation, which makes sense. What doesn't make sense is that it doesn't seem to be the same RenderEmbeddedObject that we mark as unavailable when initially trying to load the plugin.

A workaround is to teach the plugin element about it's blocked reason, moving that test from the renderer, which we apparently can't trust, out to the element, which we can.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.