W3C home > Mailing lists > Public > whatwg@whatwg.org > April 2012

[whatwg] Confirming understanding about window.location's interaction with sandboxed seamless iframes

From: Adam Barth <w3c@adambarth.com>
Date: Wed, 11 Apr 2012 23:18:25 -0700
Message-ID: <CAJE5ia_QgCvXUd44bbOSqWj_8qhYFXgxtHHkbOZVHNnQj6DMLg@mail.gmail.com>
We ran into a tricky case in implementing seamless today, and I'd like
to make sure we did the right thing.  Consider the following markup:

<iframe seamless srcdoc="<script>window.location =
'http://example.com/';</script>"></iframe>

According to the rules for navigating seamless iframes, when the child
frame assigns to window.location, the browser will navigate the parent
frame.  Now, what happens if you add in sandbox:

<iframe seamless sandbox="allow-scripts"
srcdoc="<script>window.location =
'http://example.com/';</script>"></iframe>

In this case, navigating the parent is blocked because the sandbox
prevents the child from navigating it's parent.  Therefore, the
navigation just fails.  There's a full test case up on GitHub if
that's helpful to you:

https://github.com/eseidel/webkit/blob/seamless/LayoutTests/fast/frames/seamless/seamless-window-location-sandbox.html

Please let us know if we've misunderstood the interactions between
these three features.

Thanks!
Adam
Received on Wednesday, 11 April 2012 23:18:25 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 30 January 2013 18:48:07 GMT