Open
Bug 1299269
Opened 8 years ago
Updated 2 years ago
Cross process navigations break the window object [cross-origin]
Categories
(Core :: DOM: Content Processes, defect, P3)
Core
DOM: Content Processes
Tracking
()
NEW
People
(Reporter: nika, Unassigned)
Details
Attachments
(1 file)
621 bytes,
text/html
|
Details |
STR: 1. Open the attached HTML document in your web browser 2. Click on the "Click Me!" button 3. A new tab will open, and the original tab will be printing the number. That number is the `window.length` property of the just-opened window. 4. Navigate the opened window to about:config, and then press back 5. The number will be 0 despite the window containing 2 iframes. Expected Results: The number when navigating to about:config and going back should be 2. N.B. This works for just about any property of the window. window.length is notable because it is visible cross-process. A solution for cross-process window proxies will be necessary for bug 1277066, and will also solve this problem for cross-origin references. NOTE: This bug is _not_ aiming to fix this problem for same-origin properties, rather it aims to make cross-origin navigations maintain a window proxy reference, and treat all windows which are reached through such a process as cross-origin. This means it will only support cross-origin properties like window.length.
Comment 1•8 years ago
|
||
Just an interesting note, this sounds exactly what chromium does for site isolation project recently. http://www.chromium.org/developers/design-documents/site-isolation#TOC-Project-Tasks > Cross-Process JavaScript > ... > We support all required interactions, including frame placeholders, postMessage, close, closed, > focus, blur, and assignments to window.location between top-level windows in different processes.
Reporter | ||
Comment 2•8 years ago
|
||
That is very similar to what we would want to do for this bug. It might be interesting to look at what chrome is doing for that.
Reporter | ||
Comment 3•8 years ago
|
||
I might not be working on this for a while. Unassigning myself.
Assignee: michael → nobody
Updated•6 years ago
|
Priority: -- → P3
Comment 4•2 years ago
|
||
This bug still seems valid, but at this point I think it mainly boils down to history.length
being wrong and not the Window
object in general being problematic.
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•