[Webkit-unassigned] [Bug 254065] Cross-Origin-Embedder-Policy incorrectly blocks iframe on cache hit
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sat Mar 18 15:14:13 PDT 2023
https://bugs.webkit.org/show_bug.cgi?id=254065
roberto.vidal at ikumene.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |roberto.vidal at ikumene.com
--- Comment #3 from roberto.vidal at ikumene.com ---
This is well above my paygrade, but from what I can gather, the issue lies here: https://github.com/WebKit/WebKit/blob/729daab8b1fcb955d6e487a7b6266894695972f5/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp#L666
When `shouldInterruptNavigationForCrossOriginEmbedderPolicy` is called, the `m_response` is _not_ yet updated in the case of a cache hit, but it is instead set to a dummy value (presumably the empty URL set in https://github.com/WebKit/WebKit/blob/729daab8b1fcb955d6e487a7b6266894695972f5/Source/WebCore/loader/FrameLoader.cpp#L382 ?).
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20230318/7052768d/attachment.htm>
More information about the webkit-unassigned
mailing list