- From: Ian Hickson <ian@hixie.ch>
- Date: Sat, 5 Mar 2011 00:08:12 +0000 (UTC)

On Mon, 6 Dec 2010, Boris Zbarsky wrote:
> On 12/6/10 7:45 PM, Ian Hickson wrote:
> > per spec, currently, if you grab a reference (from another Window) to
> > a document that you then send into session history (bfcache), you can
> > still mutate that document, call dispatchEvent() on it, run scripts in
> > it, etc.
>
> I don't believe Gecko would be willing to implement that, for security
> reasons. As soon as you try to do things of that sort in a bfcached
> document it _will_ in fact get evicted. I don't believe we plan to
> change that. I'd be interested in what other UAs' views are on this.
>
> This is also why we drop the browsing context when an iframe is removed
> from the document. This part we may be able to change without
> introducing security problems, maybe... Not clear yet.

Interesting. So it looks like Chrome and IE8 implement what the spec says
here when it comes to iframes, but Opera, Firefox, and Safari do not:

http://www.hixie.ch/tests/adhoc/html/frames/iframes/detaching/001.html?a

Opera turns a Window into an Object with just one property ('close', which
is undefined as far as I can tell). Firefox and Safari just set all the
properties to undefined, but otherwise leave it alone.

Could you elaborate on the security reasons? I don't really understand the
problem. It certainly seems like there are some valid use cases for moving
frames around from document to document.

--
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

Received on Friday, 4 March 2011 16:08:12 UTC