Closed Bug 445725 Opened 13 years ago Closed 12 years ago
[FIX]file:// iframes get the wrong principal after a reload
I lost track of when this happened, but it appears that currently, an iframe in an HTML page loaded from a file:// URI inherits the principal of the outer page. However, when the subframe has been navigated and the page is reloaded (e.g. via the reload button), the subframe's principal changes to not inherit, meaning that the page is no longer allowed to access the subframe. In the testcase provided by Aaron Morgulis, the subframe is one directory level deeper than the outer page. I'm filing this as unconfirmed because I'm not sure my initial premise (about file:// iframes inheriting their owner's principal) is correct.
So there is code in nsDocShell::DoChannelLoad that should be setting the owner on the channel, and we should be passing in the "right" owner from the history entry here, I would think. Want to look into why that's failing?
Status: UNCONFIRMED → NEW
Ever confirmed: true
Makes sure to copy over the owner on anchor scroll.
Summary: file:// iframes get the wrong principal after a reload → [FIX]file:// iframes get the wrong principal after a reload
Comment on attachment 351651 [details] [diff] [review] Fix Looks good.
Comment on attachment 351651 [details] [diff] [review] Fix I think it's worth taking this in 1.9.1
Attachment #351651 - Flags: approval1.9.1?
Pushed http://hg.mozilla.org/mozilla-central/rev/633b48e70c60 Need file:// mochitests to test this.
Comment on attachment 351651 [details] [diff] [review] Fix a191=beltzner
Attachment #351651 - Flags: approval1.9.1? → approval1.9.1+
Target Milestone: --- → mozilla1.9.1b3
Version: unspecified → Trunk
You need to log in before you can comment on or make changes to this bug.