Closed Bug 673852 Opened 9 years ago Closed 2 years ago

setting iframe document.domain from data-url src operates on wrong document.domain (parent's instead of iframe's)


(Core :: DOM: Core & HTML, defect)

5 Branch
Not set





(Reporter: simone.losoio, Unassigned)



(1 file)

User Agent: Mozilla/5.0 (Windows NT 5.0; rv:5.0) Gecko/20100101 Firefox/5.0
Build ID: 20110615151330

Steps to reproduce:

changed (widened) domain using document.domain from within an IFRAME whose src was a data-url

Actual results:

i found that not only iframe document.domain changed but also iframe's parent document.domain was changed.
Using same code from within an Iframe whose src is http url does work as expected (change document.domain of iframe only) 

Opera works correctly both with data-url and http url.
Safari/Chrome do not let you change document.domain when using data-url, works fine with http url

Expected results:

only iframe's document.domain should change
Component: General → Security
OS: Other → All
The iframe and the parent document have the same security origin (object identity, note!); setting document.domain changes that one shared security origin.

So the behavior is expected given the current security model for data: URLs in Gecko: they just count as part of the page that loaded them for security purposes.

I'm not sure that's necessarily a sane model, but no one has proposed a sane alternative either...
Component: Security → DOM
Product: Firefox → Core
Pretty sure this is no longer the case due to bug 1324406.
Closed: 2 years ago
Resolution: --- → INVALID
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.