Closed Bug 1204789 Opened 10 years ago Closed 10 years ago

Got load event from iframes with null principal

Categories

(Core :: DOM: Security, defect)

Product:
Core
Component:
DOM: Security
Version:
40 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: 4b.69.6d.6f, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.124 YaBrowser/15.7.2357.2877 Safari/537.36 Steps to reproduce: Very rarely I see "Access denied" messages from sandboxes (created for every iframe). It happens on pages of metro.us website with about 40-70 iframes on each. It's because some iframes got null principal. Simple example (no extensions installed), just paste it to JS console and got to metro.us/*: function nestingLevel(win) { for (var i = 0; win !== win.parent; ++i, win = win.parent){} return i; } function onContentLoad(event) { var doc = event.target; if (doc instanceof HTMLDocument) { var origin = Cu.getObjectPrincipal(doc).origin; if (origin && origin.indexOf("moz-nullprincipal") >= 0) { console.log("FOUND", doc.location.href, nestingLevel(doc.defaultView), origin); } } } gBrowser.addEventListener("DOMContentLoaded", onContentLoad, true); Actual results: I see this in console: FOUND "https://tpc.googlesyndication.com/pagead/gadgets/suggestion_autolayout_V2/suggestion_autolayout_V2_9.html#t=17944076846126914912&p=https%3A%2F%2Fgoogleads.g.doubleclick.net" 4 moz-nullprincipal:{802f6aa9-4d50-40a0-9bfa-edf2306d8316} FOUND about:srcdoc 5 moz-nullprincipal:{88cdd943-743a-43b5-9d44-33cec6aae9b3} Expected results: I don't know if this is a bug or not. But I didn't find a way to create window or iframe with null principal, so it's weird.
Creating a window or iframe with nullprincipal is pretty simple. Here's an example: data:text/html,<iframe sandbox></iframe> As long as the sandbox flags don't include allow-same-origin, you get a nullprincipal. You could examine doc.defaultView.frameElement.sandbox to verify whether that's what's going on here, but I expect it is.
Component: General → DOM: Security
Yes, this is it. Thank you!
Unfortunately it's not related to errors I got, so I did additional research and create another bug-report: https://bugzilla.mozilla.org/show_bug.cgi?id=1205251
OK. Marking this one invalid, since everything here is behaving as it should.
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.