Bug 13543 - javascript: links don't honor the target attribute
Summary: javascript: links don't honor the target attribute
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: Page Loading (show other bugs)
Version: 523.x (Safari 3)
Hardware: Mac OS X 10.4
: P2 Normal
Assignee: Nobody
URL:
Keywords:
: 27326 97351 (view as bug list)
Depends on:
Blocks:
 
Reported: 2007-04-29 12:19 PDT by Geoffrey Garen
Modified: 2020-12-22 11:46 PST (History)
5 users (show)

See Also:


Attachments
reduction (253 bytes, text/html)
2007-04-29 12:19 PDT, Geoffrey Garen
no flags Details
better reduction (318 bytes, text/html)
2007-04-29 12:28 PDT, Geoffrey Garen
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Geoffrey Garen 2007-04-29 12:19:06 PDT
Reduction coming.
Comment 1 Geoffrey Garen 2007-04-29 12:19:28 PDT
Created attachment 14269 [details]
reduction
Comment 2 Geoffrey Garen 2007-04-29 12:21:29 PDT
I believe the problem is that the FrameLoader special-cases javascript: URLs to execute them, and the special-casing code ignores the target attribute.
Comment 3 Geoffrey Garen 2007-04-29 12:22:04 PDT
Works in Firefox. This is not a regression.
Comment 4 Geoffrey Garen 2007-04-29 12:28:36 PDT
Created attachment 14270 [details]
better reduction
Comment 5 Adam Barth 2009-02-19 09:58:50 PST
We should be careful to get the security checks right when we fix this bug.
Comment 6 sharvani 2009-02-20 04:50:59 PST
My observations are as follows, 
 
1)In the API FrameLoader::urlSelected() I found that the case when there is a target attribute along with javascript, target is ignored.
 Here if the link is javascript then the script is executed and the control returns without considering the target attribute.The target attribute is considered only if its not a javascript.
 I tried the following,
 1) Execute the javascript directly if the target is empty.
 2) If the target is not empty then load the form and then execute the script in the new form.
 
Now the safari is failing to load the URL on the target while doing navigation policy check.
 
WebFrame::dispatchDecidePolicyForNavigationAction()
{
if
(SUCCEEDED(policyDelegate->decidePolicyForNavigationAction(d->webView, actionInformation.get(), urlRequest.get(), this, setUpPolicyListener(function).get()))) 
return;
}
This check is failing.
Comment 7 Alexey Proskuryakov 2009-07-16 15:24:41 PDT
*** Bug 27326 has been marked as a duplicate of this bug. ***
Comment 8 Alexey Proskuryakov 2012-09-24 12:20:17 PDT
*** Bug 97351 has been marked as a duplicate of this bug. ***
Comment 9 Rob Buis 2020-12-22 11:46:58 PST
Bug https://bugs.webkit.org/show_bug.cgi?id=174891 seems to be a duplicate of this, OTOH that one has a modern WPT test...