Open Bug 947716 Opened 6 years ago Updated 4 years ago
Navigation done during history traversal, should be done with the source browsing context used when the entry was created
According to the spec at: http://www.whatwg.org/specs/web-apps/current-work/multipage/history.html#history-traversal when navigation is required in step 1, it should be done with the source browsing context that was used when the entry was created. The current behaviour is that the browsing context being navigated is used as the source, which will never be affected by sandboxing. After bug 785310 has landed we will pass a null source docshell (browsing context) because we don't currently store the source browsing context with the history entry. This effectively gives the same as the current behaviour. This bug is to implement the correct source browsing context as per the spec, possibly after some clarification of the spec, such as whether the source browsing context needs to be kept alive to make sure it is available for any checks during history traversals. Note from bholley from bug 785310 comment 106 about this: "We need to think carefully about the lifetime management there. We don't want SHEntries to start holding more stuff alive than they used to in the common case. I'm pretty sure we can manage the lifetime similarly to the way we manage the lifetime for the target docshell of the SHEntry, and reason that, at least in most cases, we won't be holding anything alive that we weren't already. But we should think it through carefully, and consult smaug. Tests for that would be crucial." A comment has been added into nsDocShell::LoadHistoryEntry that references this bug, please remove or amend the comment once this bug has been addressed.
It seems a bit odd to associate the source browsing context and not its sandbox flags with the shentry...
(In reply to Boris Zbarsky [:bz] from comment #1) > It seems a bit odd to associate the source browsing context and not its > sandbox flags with the shentry... I thought that, as I was re-reading the spec, while I was filing the bug. However, the source browsing context is also used in steps 3 and 4 of the navigation algorithm, so I'm wondering if this could make a difference during history traversal. Haven't had time to think it all through yet.
Right. Need to decide whether we can just use the current state of the source browsing context or whether we need to capture its state in history.
(In reply to Boris Zbarsky [:bz] from comment #3) > Right. Need to decide whether we can just use the current state of the > source browsing context or whether we need to capture its state in history. Good point, the sandbox flags could have changed, that's another thing that needs clarifying in the spec.
I've raised a new issue against the spec for this: https://github.com/whatwg/html/issues/880
You need to log in before you can comment on or make changes to this bug.