[Webkit-unassigned] [Bug 91766] didFirstVisuallyNonEmptyLayout() callback not fired for initial about:blank page in new loading window
bugzilla-daemon at webkit.org
Thu Jul 19 13:38:01 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=91766
--- Comment #8 from Charles Reis <creis at chromium.org> 2012-07-19 13:38:01 PST ---
(In reply to comment #7)
> > > Why do you care whether an about:blank page is modified?
> >
> > That's the point at which it is no longer safe to show the pending URL in a newly created tab. If you create a new tab with a slowly loading URL, we'd like to be able to display the URL in the address bar (http://crbug.com/9682). However, a URL spoof exploit becomes possible if another window modifies the about:blank page before the slow page commits.
>
> How is that different from
> 1) loading page A into a window X
> 2) Letting that load fully complete
> 3) Navigating X to page B (which is very slow)
> 4) Changing the contents of page A
>
> In both cases, you'll be showing the pending URL for B and the content from A.
We don't show the pending URL if there's a committed URL in the window, so there's no risk. That's also a much less common case, so it's ok leaving it that way.

Chrome currently just shows "about:blank" in the address bar in the "slow URL in new tab" case because of the spoof risk, but that's maddening to a lot of users (e.g., can't recover if the load fails).

I'm trying to make it possible to show the pending URL in a new tab, which is safe as long as no one is modifying the initial about:blank page. This would be consistent with Opera's behavior.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
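
The address-bar rule discussed in this comment, modelled as an added JavaScript example that is not part of the original message and is not Chrome or WebKit code. The `Tab` class, its methods, `replay` and the sample URLs are hypothetical names constructed for illustration.

```javascript
// Toy model of one tab's address-bar state (hypothetical names, not a browser API).
class Tab {
  constructor() {
    this.committedUrl = null;        // null: only the initial about:blank exists
    this.pendingUrl = null;          // navigation started but not yet committed
    this.initialDocModified = false; // has another window touched about:blank?
  }
  startNavigation(url) { this.pendingUrl = url; }
  // Another window holding a reference to this tab writes into its document.
  modifyDocument() {
    if (this.committedUrl === null) this.initialDocModified = true;
  }
  commit() {
    if (this.pendingUrl === null) return;
    this.committedUrl = this.pendingUrl;
    this.pendingUrl = null;
    this.initialDocModified = false; // the new document replaces about:blank
  }
  // What the address bar shows under the policy described in the comment.
  displayedUrl() {
    // A committed URL always wins, so the pending URL is never shown over it.
    if (this.committedUrl !== null) return this.committedUrl;
    // New tab: the pending URL is shown only while about:blank is untouched.
    if (this.pendingUrl !== null && !this.initialDocModified) return this.pendingUrl;
    return "about:blank";
  }
}

// Apply a list of [method, argument] events and record the address bar after each.
function replay(events) {
  const tab = new Tab();
  return events.map(([op, arg]) => { tab[op](arg); return tab.displayedUrl(); });
}

// Constructed sample URLs.
const A = "https://a.example/", SLOW = "https://slow.example/";

// New tab, slow load, nobody touches about:blank: pending URL is visible throughout.
const NEW_TAB_UNTOUCHED = replay([["startNavigation", SLOW], ["commit"]]);
// New tab, another window modifies about:blank before commit: fall back to about:blank.
const NEW_TAB_MODIFIED = replay([["startNavigation", SLOW], ["modifyDocument"], ["commit"]]);
// Comment #7 scenario: A is committed, B is pending, A's content changes.
const COMMITTED_THEN_SLOW = replay([["startNavigation", A], ["commit"],
                                    ["startNavigation", SLOW], ["modifyDocument"]]);
```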