Bug 116065

Summary: Consider mixed-content iframes to be mixed script instead of mixed display
Product: WebKit Reporter: Ryosuke Niwa <rniwa>
Component: Page LoadingAssignee: Nobody <webkit-unassigned>
Status: NEW    
Severity: Normal CC: achristensen, ahmad.saleem792, ap, beidson, bfulgham, cdumez, wilander
Priority: P2 Keywords: BlinkMergeCandidate
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   

Ryosuke Niwa
Reported 2013-05-13 15:56:25 PDT
Consider merging https://chromium.googlesource.com/chromium/blink/+/168c1f03b852ffb3c458ed84110b6cc0b9465d50 Consider mixed-content iframes to be mixed script instead of mixed display. BUG=238484 TEST=http/tests/security/mixedContent/* R=abarth@chromium.org, tsepez@chromium.org
Attachments
Add attachment proposed patch, testcase, etc.
Alexey Proskuryakov
Comment 1 2013-05-21 10:30:51 PDT
http://code.google.com/p/chromium/issues/detail?id=238484
Ahmad Saleem
Comment 2 2022-09-14 16:17:40 PDT
Webkit still refers to canDisplayInsecureContent rather than canRunInsecureContent here: https://github.com/WebKit/WebKit/blob/67d5c3c96c45eee8948e370d8fb79908199b180e/Source/WebCore/loader/DocumentLoader.cpp#L705 and I think it is "top" rather than "parent" level, is it good fix still? Thanks!
Note You need to log in before you can comment on or make changes to this bug.