Open Bug 1413101 Opened 7 years ago Updated 2 years ago

Ensure that defer scripts have a consistent view of document.readyState regardless of when script fetch finishes

Categories

(Core :: DOM: HTML Parser, enhancement, P2)

Product:
Core
Component:
DOM: HTML Parser
Type:
enhancement

Tracking

()

People

(Reporter: hsivonen, Unassigned)

Details

(This is not a security bug in itself, but this bug refers to a security bug: bug 1364399, so it's best to keep this one hidden as long as bug 1364399 is hidden.)

Bug 1364399 comment 11 indicates that defer scripts whose text has been loaded by the time the HTML parser processes EOF are run with different stuff on the stack and objects in a different state compared to defer scripts whose fetch completes later.

We should ensure that document.readyState is consistent when observed from both kinds of defer scripts.

(It might already be. This bug is basically a TODO item to check and not a claim that a bug exists.)
Keywords: sec-other
Whiteboard: keep hidden while bug 1364399 is hidden.
Group: core-security → dom-core-security
Priority: -- → P2
Bug 1364399 is unhidden now.
Group: dom-core-security
Keywords: sec-other
Whiteboard: keep hidden while bug 1364399 is hidden.
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.