Bug 228965

Summary: Meta HTTP refresh should not navigate if document has sandboxed automatic features browsing context flag set
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: DOMAssignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, changseok, darin, esprehn+autocc, ews-watchlist, ggaren, gyuyoung.kim, hi, japhet, kangil.han, mkwst, sam, webkit-bug-importer, youennf
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch none

Chris Dumez
Reported 2021-08-10 12:21:56 PDT
Meta HTTP refresh should not navigate if document has sandboxed automatic features browsing context flag set: - https://html.spec.whatwg.org/multipage/semantics.html#shared-declarative-refresh-steps (Step 13) Firefox and Chrome already behave this way.
Attachments
Patch (17.63 KB, patch)
2021-08-10 12:26 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (17.60 KB, patch)
2021-08-10 15:14 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2021-08-10 12:26:39 PDT
Created attachment 435281 [details] Patch
Darin Adler
Comment 2 2021-08-10 15:05:20 PDT
Comment on attachment 435281 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=435281&action=review > Source/WebCore/loader/NavigationScheduler.cpp:186 > + if (auto* document = frame.document()) { > + if (document->isSandboxed(SandboxAutomaticFeatures)) { Rather than nesting, I like this style: if (auto document = frame.document(); document && document->isSandboxed(SandboxAutomaticFeatures) {
Darin Adler
Comment 3 2021-08-10 15:05:45 PDT
Comment on attachment 435281 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=435281&action=review >> Source/WebCore/loader/NavigationScheduler.cpp:186 >> + if (document->isSandboxed(SandboxAutomaticFeatures)) { > > Rather than nesting, I like this style: > > if (auto document = frame.document(); document && document->isSandboxed(SandboxAutomaticFeatures) { Not saying you must change this, just telling you the style I prefer.
Chris Dumez
Comment 4 2021-08-10 15:06:41 PDT
(In reply to Darin Adler from comment #3) > Comment on attachment 435281 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=435281&action=review > > >> Source/WebCore/loader/NavigationScheduler.cpp:186 > >> + if (document->isSandboxed(SandboxAutomaticFeatures)) { > > > > Rather than nesting, I like this style: > > > > if (auto document = frame.document(); document && document->isSandboxed(SandboxAutomaticFeatures) { > > Not saying you must change this, just telling you the style I prefer. Oh, indeed. It is nicer and will make the update. My brain just hasn't adjusted to the new C++ syntax yet :)
Chris Dumez
Comment 5 2021-08-10 15:14:34 PDT
Created attachment 435302 [details] Patch
EWS
Comment 6 2021-08-10 16:19:11 PDT
Committed r280870 (240409@main): <https://commits.webkit.org/240409@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 435302 [details].
Radar WebKit Bug Importer
Comment 7 2021-08-10 16:20:23 PDT
<rdar://problem/81766558>
Note You need to log in before you can comment on or make changes to this bug.