Closed
Bug 729030
Opened 12 years ago
Closed 4 years ago
Remove the remains of support for disabling frames (iframe, frameset)
Categories
(Core :: DOM: Navigation, defect)
Core
DOM: Navigation
Tracking
()
RESOLVED
DUPLICATE
of bug 1013457
People
(Reporter: hsivonen, Unassigned)
Details
We have some code that checks for browser.frames.enabled. However, we don't really have full support for disabling frames. For example, the HTML spec doesn't support disabling frames and our HTML parser implements the spec, so our parser doesn't support parsing documents in a way that would expose the fallback content that's meant for legacy browsers that don't support frames. We should remove the remaining code that depends on browser.frames.enabled and we should get rid of nsIDocumentEncoder::OutputNoFramesContent (which currently depends on that pref and doesn't work as an actual caller-passed flag). bz, can I have a module owner nod on this so that I can go and WONTFIX bug 56743 and bug 533422?
Comment 1•12 years ago
|
||
> For example, the HTML spec doesn't support disabling frames
Are we sure that <iframe sandbox> won't grow such a capability?
We do currently disable frames in some situations on a per-docshell basis, by the way (e.g. in the help viewer). But we probably don't care about noframes in those situations, right?
Reporter | ||
Comment 2•12 years ago
|
||
(In reply to Boris Zbarsky (:bz) from comment #1) > > For example, the HTML spec doesn't support disabling frames > > Are we sure that <iframe sandbox> won't grow such a capability? Seems unlikely, since sandbox is all about defending better against rogue frames instead of throwing away frames altogether. > We do currently disable frames in some situations on a per-docshell basis, > by the way (e.g. in the help viewer). But we probably don't care about > noframes in those situations, right? What's the help viewer? When I open "Help" behind the Firefox button, it opens a Web page in a normal new tab.
Comment 3•12 years ago
|
||
I'm not aware of any plans currently to add any frame-disabling support to <iframe sandbox>. It's not clear to me what the use case for such a feature would be.
See also bug 921727. It is still possible to set browser.frames.enabled=false and it is honored for iframes opened inside XUL documents. Can the support be disabled there at the least?
Comment 5•4 years ago
|
||
Fixed in bug 1013457.
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•