[Webkit-unassigned] [Bug 198745] New: To block automatic download in sandboxed iframe

Mon Jun 10 22:38:12 PDT 2019

https://bugs.webkit.org/show_bug.cgi?id=198745

            Bug ID: 198745
           Summary: To block automatic download in sandboxed iframe
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: All
                OS: All
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Frames
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: yaoxia at chromium.org

Preventing automatic download in sandboxed iframe should be the default as downloads can bring security vulnerabilities to the system.

I'm hoping to see implementer interest.

whatwg/html discussion: https://github.com/whatwg/html/issues/3236
PR: https://github.com/whatwg/html/pull/4293
WPT (already checked in): https://github.com/web-platform-tests/wpt/commit/245334dcc1695c3dbc4e1fcdbe849224234093fc

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20190611/f05a4ed8/attachment.html>