455002 - Accessing Javascript variables between iframes with Signed Javascript scripts

Status: UNCONFIRMED

(Core :: DOM: Core & HTML, defect, P5)

Description

[curutrash]

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1

We can't access easily DOM elements, variables or JS functions when using an iframe which is a signed javascript archive.

Reproducible: Always

Steps to Reproduce:
1. Include a html page with signed JS script in an iframe such as <iframe src="jar:http://myserver.com/myarchive.jar!/mysigned_scripted_page.html" name="myframe" id="myframe">

2. On mysigned_scripted_page.html declare some javascript variables or functions, like toto = "Here I go";

3. On your parent page, try to access these variables in JS like any frames with such code as alert(window.frames['myframe'].toto);
Actual Results:  
It shows undefined.

Expected Results:  
It should show an "Here I go" alert.

I don't think it should be a security feature because I see no reasons to restrict the accessiblity on a frame which is a signed archive. I think it's  probably the JS Firefox engine which don't know very well how to access the DOM elements on a frame included with a URI on the jar:http:...myjar.jar!/mypage.html.

Well, in fact, I must say that the way Firefox access signed JS scripts with this strange absolute url is very uneasy to include on a web site with dynamic pages which force to use these horrible iframes and other **** stuff.

Comment 1

[Firefox Bug Husbandry Bot]

https://bugzilla.mozilla.org/show_bug.cgi?id=1472046

Move all DOM bugs that haven’t been updated in more than 3 years and has no one currently assigned to P5.

If you have questions, please contact :mdaly.