[Webkit-unassigned] [Bug 90613] Inside a sandboxed iframe, it should be possible to create another iframe and access it
bugzilla-daemon at webkit.org
Thu Jul 12 05:32:09 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=90613
--- Comment #7 from Bruno Michel <bruno.michel at af83.com> 2012-07-12 05:32:08 PST ---
(In reply to comment #6)
After reading the spec again, I think a solution could be to have 3 states for the sandboxed origin browsing context flag:
1. explicitly set on this iframe
2. inherited from the parent context
3. off
States 1 and 3 have the same behaviour as they do currently. For state 2, we allow iframes that are loaded locally to be on the same domain: javascript URL, data URL, about:blank and srcdoc iframes.
In <http://html.spec.whatwg.org/#origin>, it could be something like:
If a Document's active sandboxing flag set has its sandboxed origin browsing context flag explicitly set
-> The origin is a globally unique identifier assigned when the Document is created.
-> The effective script origin is initially an alias to the origin of the Document.
If a Document was generated from a javascript: URL
-> The origin is an alias to the origin of the script of that javascript: URL.
-> The effective script origin is initially an alias to the origin of the Document.
If a Document has the address "about:blank"
-> The origin and effective script origin of the Document are those it was assigned when its browsing context was created.
If a Document is an iframe srcdoc document
-> The origin of the Document is an alias to the origin of the Document's browsing context's browsing context container's Document.
-> The effective script origin is initially an alias to the effective script origin of the Document's browsing context's browsing context container's Document.
If a Document has inherited a sandboxed origin browsing context flag
-> The origin is a globally unique identifier assigned when the Document is created.
-> The effective script origin is initially an alias to the origin of the Document.
If a Document was served over the network and has an address that uses a URL scheme with a server-based naming authority
-> The origin is an alias to the origin of the Document's address.
-> The effective script origin is initially an alias to the origin of the Document.
If a Document was generated from a data: URL that was returned as the location of an HTTP redirect (or equivalent in other protocols)
-> The origin is an alias to the origin of the URL that redirected to the data: URL.
-> The effective script origin is initially an alias to the origin of the Document.
If a Document was generated from a data: URL found in another Document or in a script
-> The origin is an alias to the origin of the Document or script that initiated the navigation to that URL.
-> The effective script origin is initially an alias to the effective script origin of the Document or script that initiated the navigation to that URL.
If a Document was obtained in some other manner (e.g. a data: URL typed in by the user, a Document created using the createDocument() API, etc)
-> The origin is a globally unique identifier assigned when the Document is created.
-> The effective script origin is initially an alias to the origin of the Document.
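
The rule list proposed in comment #7, modelled as an ordered decision procedure. This is an added example, not code from the bug report or from WebKit. It assumes the rules are evaluated top to bottom with the first match winning, tracks only the origin (not the effective script origin), and uses hypothetical field names and a made-up "unique:N" notation.

```javascript
// Model of the origin rules proposed in comment #7 (added example).
// Assumptions: first matching rule wins; the `doc` field names and the
// "unique:N" notation are hypothetical and exist only for this sketch.
const Sandbox = { EXPLICIT: "explicit", INHERITED: "inherited", OFF: "off" };

let uniqueCounter = 0;
const uniqueOrigin = () => `unique:${++uniqueCounter}`;

// Each rule is [predicate, origin function], in the order the comment lists them.
const RULES = [
  [d => d.sandboxOrigin === Sandbox.EXPLICIT, () => uniqueOrigin()],
  [d => d.source === "javascript-url", d => d.scriptOrigin],
  [d => d.source === "about-blank", d => d.creationOrigin],
  [d => d.source === "srcdoc", d => d.containerOrigin],
  [d => d.sandboxOrigin === Sandbox.INHERITED, () => uniqueOrigin()],
  [d => d.source === "network", d => d.addressOrigin],
  [d => d.source === "data-url-redirect", d => d.redirectorOrigin],
  [d => d.source === "data-url-in-document", d => d.initiatorOrigin],
  [() => true, () => uniqueOrigin()], // obtained in some other manner
];

function assignOrigin(doc) {
  const [, origin] = RULES.find(([matches]) => matches(doc));
  return origin(doc);
}

// Script access between two documents is modelled as plain origin equality.
const canAccess = (a, b) => a === b;

// A sandboxed parent (flag explicitly set) creating children that inherit the flag.
function demo() {
  const parent = assignOrigin({ sandboxOrigin: Sandbox.EXPLICIT, source: "network",
                                addressOrigin: "https://example.test" });
  const child = source => assignOrigin({ sandboxOrigin: Sandbox.INHERITED, source,
    containerOrigin: parent, creationOrigin: parent, scriptOrigin: parent,
    initiatorOrigin: parent, addressOrigin: "https://example.test" });
  return {
    parent,
    srcdoc: canAccess(parent, child("srcdoc")),
    blank: canAccess(parent, child("about-blank")),
    network: canAccess(parent, child("network")),
    dataUrl: canAccess(parent, child("data-url-in-document")),
  };
}

console.log(demo());
```

Under this first-match reading, a data: URL child of an inherited sandbox matches the inherited rule before either data: URL rule, so `dataUrl` comes out false while `srcdoc` and `blank` are true.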