[Webkit-unassigned] [Bug 218804] New: sessionStorage should not be cloned when a window is opened with noopener

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Nov 11 08:45:03 PST 2020 

https://bugs.webkit.org/show_bug.cgi?id=218804

            Bug ID: 218804
           Summary: sessionStorage should not be cloned when a window is
                    opened with noopener
           Product: WebKit
           Version: Safari Technology Preview
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: New Bugs
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: ericlaw at microsoft.com

WebKit should not copy session storage when a new window opens with rel="noopener".

https://html.spec.whatwg.org/multipage/browsers.html#copy-session-storage

Firefox and the Web Platform tests (wpt/webstorage/storage_session_window_noopener) get this right; Safari and Chrome (https://crbug.com/771959) get this wrong. 

I'd like to fix this for Chrome, and getting it fixed in Safari will help.

Demo/Repro:
1. Visit https://webdbg.com/test/sessions/
2. Pick a color in the dropdown. Observe SessionStorage value shown in page.
3. Click 'open this page in ... noopener' link

OBSERVE: The new page shows the sessionStorage value was copied from the original window.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20201111/ccc7217f/attachment.htm>

More information about the webkit-unassigned mailing list