[Webkit-unassigned] [Bug 250418] New: Secure Contexts: Documents whose environment has a data: top-level creation URL are not considered a secure context.

Tue Jan 10 15:26:53 PST 2023

https://bugs.webkit.org/show_bug.cgi?id=250418

            Bug ID: 250418
           Summary: Secure Contexts: Documents whose environment has a
                    data: top-level creation URL are not considered a
                    secure context.
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: DOM
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: rreno at apple.com
                CC: webkit-bug-importer at group.apple.com

data:text/html,<h1>Hello World!</h1>

window.isSecureContext returns false.

My reading of https://html.spec.whatwg.org/multipage/webappapis.html#secure-contexts says we should get a result of "Potentially Trustworthy" which should imply a secure context (step 2 of the linked algorithm).

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20230110/5e2c55df/attachment.htm>