[whatwg] Confirming understanding about window.location's interaction with sandboxed seamless iframes

On Wed, Apr 11, 2012 at 11:35 PM, Ian Hickson <ian at hixie.ch> wrote:
> On Wed, 11 Apr 2012, Adam Barth wrote:
>>
>> We ran into a tricky case in implementing seamless today, and I'd like
>> to make sure we did the right thing. ?Consider the following markup:
>>
>> <iframe seamless srcdoc="<script>window.location =
>> 'http://example.com/';</script>"></iframe>
>>
>> According to the rules for navigating seamless iframes, when the child
>> frame assigns to window.location, the browser will navigate the parent
>> frame. ?Now, what happens if you add in sandbox:
>>
>> <iframe seamless sandbox="allow-scripts"
>> srcdoc="<script>window.location =
>> 'http://example.com/';</script>"></iframe>
>>
>> In this case, navigating the parent is blocked because the sandbox
>> prevents the child from navigating it's parent.
>
> The blocking happens in step 2, which is before the seamless redirection
> which is in step 3, so in this case it's not blocked.

On #whatwg, Hixie pointed me to this table:

http://www.whatwg.org/specs/web-apps/current-work/#browsing-context-names

which looks quite helpful.

Thanks!
Adam

Received on Wednesday, 11 April 2012 23:39:32 UTC