44850 2010-08-29 19:54:36 -0700 swf files are downloaded when flash is disabled on www.grantgalitz.org 2022-07-01 11:36:17 -0700 1 1 1 Unclassified WebKit Plug-ins 528+ (Nightly build) All All RESOLVED WONTFIX http://www.grantgalitz.org/index.php InRadar P2 Normal --- 1 chromium webkit-unassigned aestes ap bauerb oldest_to_newest 271268 0 chromium 2010-08-29 19:54:36 -0700 Go to any page with flash with a Chromium build that pulls in Webkit 66156, ie any build after Chromium-57724, and when flash is disabled, Chromium will automatically download the swf file. I first found this bug on Chromium for FreeBSD 7.0.509-57790 and confirmed on the Win XP Chromium snapshots up to 57726. Chromium 57723 doesn't have the bug, as it is before the Webkit roll at 57724. I then compiled Chromium 57724 with a handful of Webkit commits between 66141 and 66191 and narrowed it down to 66156 (as 66155 doesn't show the bug, while 66156 does). I was unable to confirm with the Webkit nightlies as the last 5-10 Webkit nightlies crash on Windows 7 and XP after the home page is loaded. 271275 1 chromium 2010-08-29 20:31:16 -0700 Someone else has confirmed this bug on Chromium for Windows 7, but he notes that it's not reproducible on all flash sites. I notice now that I only had the problem on sites with youtube videos embedded, so perhaps it's an incompatibility between WebCore trunk and the youtube embedded flash player. 271279 2 aestes 2010-08-29 20:41:29 -0700 I can reproduce this in a WebKit nightly build on the Mac. Here is the snippet the site uses to embed the flash video: <object width="425" height="350"> <param name="movie" value="http://www.youtube.com/v/6SDf5_Thqsk"></param> <param name="wmode" value="transparent"></param> <embed src="http://www.youtube.com/v/6SDf5_Thqsk" type="application/x-shockwave-flash" wmode="transparent" width="425" height="350"></embed> </object> It probably has to do with there being no mime type specified on the <object>. The same thing happens in builds prior to r66156 if the type @attr is removed from the <embed>. When flash is enabled, it looks like the mime type is determined from the Content-Type header for the resource and the right plug-in is loaded, but I guess when the plug-in is disabled and no type is explicitly specified, WebKit doesn't know what to do and just downloads the file. 274686 3 66654 bauerb 2010-09-06 10:13:46 -0700 Created attachment 66654 Return ObjectContentNone for an empty <object> MIME type If we return ObjectContentNone when the MIME type is empty, we don't start a URL request, so we don't end up downloading the file if we can't handle the MIME type. 274851 4 aestes 2010-09-06 23:08:23 -0700 (In reply to comment #3) > Created an attachment (id=66654) [details] > Return ObjectContentNone for an empty <object> MIME type > > If we return ObjectContentNone when the MIME type is empty, we don't start a URL request, so we don't end up downloading the file if we can't handle the MIME type. It looks like this patch only fixes the issue for the chromium port. I verified this happens in Safari on the Mac, so it would be nice to fix this for all platforms. Also, it seems like this patch would break the ability to use the object element to load resources in a subframe. Since it might not be possible to determine a resource's MIME type a priori (e.g. type @attr or filename extension), our current behavior is to load the resource in a subframe and determine the type from the HTTP Content-Type header. Doesn't this change that behavior? 275584 5 aestes 2010-09-07 20:28:28 -0700 The patch posted to https://bugs.webkit.org/show_bug.cgi?id=45364 appears to fix this issue, at least in the case of youtube's embedded player. 277850 6 chromium 2010-09-12 02:12:04 -0700 While this appears to fix the problem in the latest Webkit nightly for Win XP, I updated to Chromium 7.0.522-59192 on FreeBSD, that uses Webkit commit 67178, and the problem is still there. I confirmed with the 59192 Chromium build for Win XP that Chromium still has this problem, looks like there's still some interaction with Chromium-specific source that causes this problem to persist. 277913 7 aestes 2010-09-12 16:29:26 -0700 (In reply to comment #6) > While this appears to fix the problem in the latest Webkit nightly for Win XP, I updated to Chromium 7.0.522-59192 on FreeBSD, that uses Webkit commit 67178, and the problem is still there. I confirmed with the 59192 Chromium build for Win XP that Chromium still has this problem, looks like there's still some interaction with Chromium-specific source that causes this problem to persist. Chromium didn't merge this change due to a performance regression. See <https://bugs.webkit.org/show_bug.cgi?id=45524>. 285718 8 chromium 2010-09-27 14:04:51 -0700 This bug appears to be fixed in WebKit trunk with the original reason.tv url, but there are still other sites where the bug persists. For example, the grantgalitz.org site linked above, which also uses the youtube embedded player. I ran into the problem with Chromium for FreeBSD using WebKit commit 68248 and confirmed with the last WebKit nightly for Win XP, that uses commit 67637. 285725 9 chromium 2010-09-27 14:06:44 -0700 I don't know how to add a new url to the list of URLs above, so here's the URL: http://www.grantgalitz.org/index.php 292359 10 66654 abarth 2010-10-10 12:44:47 -0700 Comment on attachment 66654 Return ObjectContentNone for an empty <object> MIME type We need a test. 293166 11 70570 aestes 2010-10-12 16:13:32 -0700 Created attachment 70570 Test Case 293170 12 aestes 2010-10-12 16:20:21 -0700 (In reply to comment #11) > Created an attachment (id=70570) [details] > Test Ccase The embed in the test case has no type attribute, so we load the resource in a nested browsing context, which triggers a download since no plug-in exists that can handle the file type. I'm not sure if embeds should be able to load subframes like objects can. The spec only mentions nested browsing contexts in relation to the object element. 294967 13 aestes 2010-10-15 15:39:17 -0700 (In reply to comment #9) > I don't know how to add a new url to the list of URLs above, so here's the URL: > > http://www.grantgalitz.org/index.php It's worth noting that, in this case, WebKit's behavior is not a regression due to any recent changes to object/embed behavior. While this page does embed a youtube video, it doesn't actually use the embed markup advertised by youtube, so this isn't an issue that exists with embedded youtube videos in general. I'll change the title to reflect that this issue isn't a regression. 294968 14 aestes 2010-10-15 15:40:20 -0700 (In reply to comment #13) > (In reply to comment #9) > > I don't know how to add a new url to the list of URLs above, so here's the URL: > > > > http://www.grantgalitz.org/index.php > > It's worth noting that, in this case, WebKit's behavior is not a regression due to any recent changes to object/embed behavior. While this page does embed a youtube video, it doesn't actually use the embed markup advertised by youtube, so this isn't an issue that exists with embedded youtube videos in general. > > I'll change the title to reflect that this issue isn't a regression. I neglected to mention that I can reproduce this bug in Safari 5.0.2, hence my claim that this isn't a regression due to recent object/embed changes. 409074 15 aestes 2011-05-24 11:59:21 -0700 <rdar://problem/9494958> 1880026 16 ap 2022-07-01 11:36:17 -0700 Mass closing plug-in bugs, as plug-in support has been removed from WebKit. Please comment and/or reopen if this still affects WebKit in some way. 66654 2010-09-06 10:13:46 -0700 2010-10-10 12:44:47 -0700 Return ObjectContentNone for an empty <object> MIME type issue44850.patch text/plain 1109 bauerb ZGlmZiAtLWdpdCBhL1dlYktpdC9jaHJvbWl1bS9DaGFuZ2VMb2cgYi9XZWJLaXQvY2hyb21pdW0v Q2hhbmdlTG9nCmluZGV4IGE3MGY0NzMuLjkwZjE0ZDAgMTAwNjQ0Ci0tLSBhL1dlYktpdC9jaHJv bWl1bS9DaGFuZ2VMb2cKKysrIGIvV2ViS2l0L2Nocm9taXVtL0NoYW5nZUxvZwpAQCAtMSwzICsx LDEzIEBACisyMDEwLTA5LTA2ICBCZXJuaGFyZCBCYXVlciAgPGJhdWVyYkBjaHJvbWl1bS5vcmc+ CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgUmV0dXJu IE9iamVjdENvbnRlbnROb25lIGZvciBhbiBlbXB0eSA8b2JqZWN0PiBNSU1FIHR5cGUuCisgICAg ICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD00NDg1MAorCisgICAg ICAgICogc3JjL0ZyYW1lTG9hZGVyQ2xpZW50SW1wbC5jcHA6CisgICAgICAgIChXZWJLaXQ6OkZy YW1lTG9hZGVyQ2xpZW50SW1wbDo6b2JqZWN0Q29udGVudFR5cGUpOgorCiAyMDEwLTA5LTAyICBZ dXJ5IFNlbWlraGF0c2t5ICA8eXVyeXNAY2hyb21pdW0ub3JnPgogCiAgICAgICAgIFJldmlld2Vk IGJ5IFBhdmVsIEZlbGRtYW4uCmRpZmYgLS1naXQgYS9XZWJLaXQvY2hyb21pdW0vc3JjL0ZyYW1l TG9hZGVyQ2xpZW50SW1wbC5jcHAgYi9XZWJLaXQvY2hyb21pdW0vc3JjL0ZyYW1lTG9hZGVyQ2xp ZW50SW1wbC5jcHAKaW5kZXggNzQxODZiZi4uYWQzMGY4MSAxMDA2NDQKLS0tIGEvV2ViS2l0L2No cm9taXVtL3NyYy9GcmFtZUxvYWRlckNsaWVudEltcGwuY3BwCisrKyBiL1dlYktpdC9jaHJvbWl1 bS9zcmMvRnJhbWVMb2FkZXJDbGllbnRJbXBsLmNwcApAQCAtMTQ1NCw3ICsxNDU0LDcgQEAgT2Jq ZWN0Q29udGVudFR5cGUgRnJhbWVMb2FkZXJDbGllbnRJbXBsOjpvYmplY3RDb250ZW50VHlwZSgK ICAgICAgICAgfQogCiAgICAgICAgIGlmIChtaW1lVHlwZS5pc0VtcHR5KCkpCi0gICAgICAgICAg ICByZXR1cm4gT2JqZWN0Q29udGVudEZyYW1lOworICAgICAgICAgICAgcmV0dXJuIE9iamVjdENv bnRlbnROb25lOwogICAgIH0KIAogICAgIGlmIChNSU1FVHlwZVJlZ2lzdHJ5Ojppc1N1cHBvcnRl ZEltYWdlTUlNRVR5cGUobWltZVR5cGUpKQo= 70570 2010-10-12 16:13:32 -0700 2010-10-14 16:29:08 -0700 Test Case embed-no-type.html text/html 140 aestes PGVtYmVkIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIiBzcmM9Imh0dHA6Ly93 d3cueW91dHViZS5jb20vdi9hRjF6c2JpOG15SSZhbXA7aGw9ZW5fVVMmYW1wO2ZzPTEmYW1wOyIg Y2xhc3M9IndoaXRlaG91c2VfdmlkZW8iPgo=