Closed Bug 1658244 Opened 6 months ago Closed 6 months ago

"View Background Image" doesn't work for inlined SVG images

Categories

(Core :: DOM: Security, defect, P1)

defect

Tracking

()

RESOLVED FIXED
81 Branch
Tracking Status
firefox-esr68 --- wontfix
firefox-esr78 --- wontfix
firefox79 --- wontfix
firefox80 --- wontfix
firefox81 --- fixed

People

(Reporter: glob, Assigned: ckerschb)

References

(Regression)

Details

(Keywords: regression, Whiteboard: [domsecurity-active])

Attachments

(2 files)

Attached file testcase

STR:

  1. create content that has an inline SVG as a background image (see attached)
  2. right click on background --> "View Background Image"

Expected:

  • Navigated to the background's data: URL

Actual:

  • Nothing, not even an error message

Bugbug thinks this bug should belong to this component, but please revert this change in case of error.

Component: Untriaged → SVG
Product: Firefox → Core

More:

  • on BMO you'll see CSP warnings when trying to view the background image, this doesn't happen on the site where I found this issue so they are unrelated
  • command-clicking on "View Background Image" opens the data: url in a new tab, however the content is blank. Interestingly enough the "Refresh" button is disabled on this tab
  • focusing the address bar and hitting Return to navigate to the url results in SVG being correctly shown

Oops, forgot to describe my Firefox version: I see this in the release channel (currently on 79) as well as nightly (81). fission is not enabled in either environment.

mozregression points me to this range:

https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=42151fcd6cfc216d147730d0f2c6a2acd52d22fd&tochange=a0eb21bf55e1c1ae0ba311e6f2273da05c712799

Looks like it's bug 1380959, which disallowed top-level data: URL navigations. We should probably allow it when it was triggered by View Source. Sounds similar to bug 1407891, too. Christian, do you know what we need to do here?

Component: SVG → DOM: Security
Flags: needinfo?(ckerschb)
Regressed by: 1380959

I really can't tell why we are not logging to either the browser console, or the web console in that particular case.

Good news is, I have a patch which fixes the problem - will upload in a minute.

Assignee: nobody → ckerschb
Severity: -- → S2
Status: NEW → ASSIGNED
Flags: needinfo?(ckerschb)
Priority: -- → P1
Whiteboard: [domsecurity-active]
Pushed by mozilla@christophkerschbaumer.com:
https://hg.mozilla.org/integration/autoland/rev/869d82e5b984
Allow view-background-image to open a data: URI by setting a flag on the loadinfo r=Gijs
Status: ASSIGNED → RESOLVED
Closed: 6 months ago
Resolution: --- → FIXED
Target Milestone: --- → 81 Branch
You need to log in before you can comment on or make changes to this bug.