Closed Bug 92912 Opened 24 years ago Closed 24 years ago

javascript will not execute in dynamically created iframe

Categories

(Core :: DOM: Core & HTML, defect)

Product:
Core
Component:
DOM: Core & HTML
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
VERIFIED FIXED
Milestone:
mozilla0.9.4

People

(Reporter: geraint.edwards, Assigned: jst)

References

(
URL
)

Details

(Whiteboard: [HAVE FIX])

Attachments

(1 file)

Don't bother doing security checks while the context is being initialized
1.10 KB, patch
Details | Diff | Splinter Review
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.2+) Gecko/20010730 BuildID: 2001073008 Open the URL http://www.copyn.plus.com/mozTest16.html This page contains two iframes - one part of the html and the other added dynamically using addElement. Both IFrames should be turned black by the javascript within the iframe - this happens for the 'static' iframe but does not for the dynamically added iframe. The javascript in the dynamic iframe is not executed at all. This was not a problem with Netscape 6 or Mozilla 0.9.1. Reproducible: Always Steps to Reproduce: 1.Open http://www.copyn.plus.com/mozTest16.html Actual Results: The right iframe remains red but left iframe is turned black Expected Results: Both iframes should be turned black by the javascript within the iframe. Have also tested this on build 2001073017 under windows NT 4.0 workstation with the same error occuring. This is a critical requirement of our company's web application which we have consistently strived to ensure works with Netscape 6/Mozilla in addition to MSIE 5+.
linked to bug 90533 ??
This bug does not rely on onLoad being fired for the javascript to fail. open http://www.copyn.plus.com/mozTest18.html for illustration without setting onLoad.
I see this with linux build 2001-07-30-06 Over to DOM Core.
Assignee: pollmann → jst
Status: UNCONFIRMED → NEW
Component: HTMLFrames → DOM Core
Ever confirmed: true
QA Contact: amar → stummala
The reason this wasn't working was that the security checks that are done while the context and global object are being initialized were failing since the script global object didn't know about the global JSObject this early on so the security manager was being passed a null JSObject. In normal cases this works since the security manager is not able to get a principal from the script global object, but in this case it gets the principal of the parent and tries to do a same origin check, which fails since the JSObject that's passed in is null. The fix I attached is to not bother doing security checks until the context is fully initialized. r & sr = anyone?
Status: NEW → ASSIGNED
OS: Linux → All
Hardware: PC → All
Target Milestone: --- → mozilla0.9.4
Nisheeth sez r=nisheeth
*** Bug 94223 has been marked as a duplicate of this bug. ***
Whiteboard: [HAVE FIX]
So long as no web JS could sneak in and run (nesting on the main thread) under InitContext.... sr=brendan@mozilla.org. /be
OS: All → Linux
Hardware: All → PC
Mitchell, here's the security check patch we were talking about earlier today, see last attachment.
Fix checked in.
Status: ASSIGNED → RESOLVED
Closed: 24 years ago
OS: Linux → All
Hardware: PC → All
Resolution: --- → FIXED
What brendan said...do you think that's a possibility? Otherwise, this looks OK provided that IsContextInitialized() always returns the correct value. Is there any way the result of IsContextInitialized could be messed up?
I don't see how that could possibly happen, if that happens the context initialization fails and no scipts should run at all on that context. We could bullet proof the code in nsJSContext::InitContext() to always set the mIsInitialized to PR_TRUE even if initializing the context fails, let me know if that would make you sleep better at night and I'll do that :-)
verified 2001-09-12-05
Status: RESOLVED → VERIFIED
Component: DOM: Core → DOM: Core & HTML
QA Contact: stummala → general
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: