[Webkit-unassigned] [Bug 196280] Web Inspector: Crash when interacting with Template Content in Console

Tue Jul 30 17:13:43 PDT 2019

https://bugs.webkit.org/show_bug.cgi?id=196280

Yury Semikhatsky <yurys at chromium.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |yurys at chromium.org
           Assignee|webkit-unassigned at lists.web |yurys at chromium.org
                   |kit.org                     |

--- Comment #1 from Yury Semikhatsky <yurys at chromium.org> ---
This happens because targetDocument->domWindow() is NULL:

#2  0x00007f09eaf54d9c in WebCore::DOMWindow::crossDomainAccessErrorMessage (this=0x0, activeWindow=...,                                │
    includeTargetOrigin=WebCore::IncludeTargetOrigin::Yes) at ../../Source/WebCore/page/DOMWindow.cpp:2271                              │

this is apparently because the template elements are created in the template document [1] which doesn't have a DOM window. I wonder why they have different security origins and how come scripts in the page don't hit the same check when they access the same template content. Any clue?

[1] https://trac.webkit.org/browser/webkit/trunk/Source/WebCore/dom/Document.h#L1309

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20190731/7440a026/attachment.html>