Open Bug 1591603 Opened 5 years ago Updated 2 years ago

iframe continues to execute after main page reload

Categories

(Core :: DOM: Navigation, defect, P3)

69 Branch
defect

Tracking

()

UNCONFIRMED

People

(Reporter: fb, Unassigned)

Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Steps to reproduce:

We started seeing this in ff 69.
Our app contains an iframe that is set (via js) shortly after the main page has finished loading (main page and iframe use same domain).
We get sentry crash logs from our app - in this case the iframe saying "window.top.$ is undefined" - actual access is window.top.$.jStorage

Actual results:

Our main page js is bundled so libs like jquery&jStorage should all be available at the time the iframe starts loading. Our weblogs indicate the user reloads while the iframe starts up. We see an http request for the main page (reload), but we also see an http request from the iframe (referrer is iframe url), which shouldn't be possible - the main page just started up after the reload and hasn't set the iframe url yet. This leads us to believe the original iframe continues to run after the main page got a reload request.

The impact to our users is low, as the zombie iframe eventually gets replaced. However crash logs are annoying ;) Not sure if zombie iframe could be somehow exploited if user tried to load a different page, and our zombie iframe tried to access the new page - hopefully cross domain restrictions would kick in...

Expected results:

Would have expected for the iframe runtime to be terminated as soon as the main page is reloaded.

Component: Untriaged → Document Navigation
Product: Firefox → Core

A testcase would be really nice here.
And/or if you could try to run mozregression to find regression range
https://mozilla.github.io/mozregression/

(P3 for now, but could be actually P1)

Priority: -- → P3
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.