Page is not loading inside Iframe showing block page issue
Categories
(Core :: DOM: Core & HTML, defect, P2)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox-esr102 | --- | unaffected |
| firefox114 | --- | wontfix |
| firefox115 | --- | fixed |
| firefox116 | --- | fixed |
People
(Reporter: sudhakarmaurya712, Assigned: sefeng)
References
(Regression)
Details
(Keywords: regression)
Attachments
(1 file)
|
48 bytes,
text/x-phabricator-request
|
dmeehan
:
approval-mozilla-beta+
|
Details | Review |
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/113.0
Steps to reproduce:
When I load an iframe with credentialless enabled using origin trials, then the same domain pages are blocked in iframe
This is the URL where you can reproduce the issue.
This is the Url which I am adding inside Iframe
Expected results:
Inside the Iframe page should work fine
|
||
Comment 1•1 year ago
|
||
Regression window:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=b588738152848ba9b11bea6ef6d4bca411710e56&tochange=6c46f6f471fb8924d9e50c64e09a1349bb891a95
|
||
Comment 2•1 year ago
|
||
:sefeng, since you are the author of the regressor, bug 1731778, could you take a look? Also, could you set the severity field?
For more information, please visit BugBot documentation.
|
Assignee | |
Comment 3•1 year ago
|
||
Looks like the request of the subdocument caused an redirect, and we blocked the redirect request due to missing COEP headers. Hmm, I think I know what to fix and we need to have a test for this.
|
|
Assignee | |
Comment 4•1 year ago
|
||
We shouldn't block the iframe if the initial request doesn't have valid
headers, we should only check the final request.
|
||
Updated•1 year ago
|
|
|
||
Comment 5•1 year ago
|
||
Set release status flags based on info from the regressing bug 1731778
|
||
Updated•1 year ago
|
|
||
Updated•1 year ago
|
Pushed by sefeng@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/f1fb26526a2e Make the COEP:Credentialless check ignores the subdocument request if it's a redirect r=valentin,necko-reviewers
Created web-platform-tests PR https://github.com/web-platform-tests/wpt/pull/40568 for changes under testing/web-platform/tests
|
|
Assignee | |
Updated•1 year ago
|
|
||
Comment 8•1 year ago
|
||
| bugherder | ||
Upstream PR merged by moz-wptsync-bot
|
|
||
Comment 10•1 year ago
|
||
The patch landed in nightly and beta is affected.
:sefeng, is this bug important enough to require an uplift?
- If yes, please nominate the patch for beta approval.
- If no, please set
status-firefox115towontfix.
For more information, please visit BugBot documentation.
|
|
Assignee | |
Comment 11•1 year ago
|
||
Comment on attachment 9338353 [details]
Bug 1837585 - Make the COEP:Credentialless check ignores the subdocument request if it's a redirect r=valentin
Beta/Release Uplift Approval Request
- User impact if declined: Websites which have enabled Origin Trial for
COEP:Credentiallessmay not function correctly if they load redirected credentialless iframes. - Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: Yes
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): Not risky because
COEP: Credentiallessis only behind Origin Trial and the change itself is trivial. - String changes made/needed:
- Is Android affected?: Yes
|
|
||
Comment 12•1 year ago
|
||
Comment on attachment 9338353 [details]
Bug 1837585 - Make the COEP:Credentialless check ignores the subdocument request if it's a redirect r=valentin
Approved for 115.0b7.
|
|
||
Comment 13•1 year ago
|
||
| bugherder uplift | ||
Description
•