[Webkit-unassigned] [Bug 250418] New: Secure Contexts: Documents whose environment has a data: top-level creation URL are not considered a secure context.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jan 10 15:26:53 PST 2023
https://bugs.webkit.org/show_bug.cgi?id=250418
Bug ID: 250418
Summary: Secure Contexts: Documents whose environment has a
data: top-level creation URL are not considered a
secure context.
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: DOM
Assignee: webkit-unassigned at lists.webkit.org
Reporter: rreno at apple.com
CC: webkit-bug-importer at group.apple.com
data:text/html,<h1>Hello World!</h1>
window.isSecureContext returns false.
My reading of https://html.spec.whatwg.org/multipage/webappapis.html#secure-contexts says we should get a result of "Potentially Trustworthy" which should imply a secure context (step 2 of the linked algorithm).
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20230110/5e2c55df/attachment.htm>
More information about the webkit-unassigned
mailing list