Bug 229120

Summary: Allow a same-origin <iframe> to programmatically navigate its top frame to an external URL
Product: WebKit Reporter: Alexey Shvayka <ashvayka>
Component: New BugsAssignee: Alexey Shvayka <ashvayka>
Status: NEW    
Severity: Normal CC: ahmad.saleem792, beidson, cdumez, esprehn+autocc, ews-watchlist, ggaren, hi, japhet, joepeck, kondapallykalyan, pangle, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 231702    
Attachments:
Description Flags
Patch
none
Patch
none
Patch ggaren: review+

Alexey Shvayka
Reported 2021-08-15 08:17:09 PDT
Allow a same-origin <iframe> to programmatically navigate its top frame to an external URL
Attachments
Patch (31.41 KB, patch)
2021-08-15 08:21 PDT, Alexey Shvayka 		no flags
DetailsFormatted DiffDiff
Patch (88.35 KB, patch)
2021-10-19 11:04 PDT, Alexey Shvayka 		no flags
DetailsFormatted DiffDiff
Patch (92.30 KB, patch)
2021-10-19 14:11 PDT, Alexey Shvayka 		ggaren: review+
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Alexey Shvayka
Comment 1 2021-08-15 08:21:13 PDT
Created attachment 435564 [details] Patch
Radar WebKit Bug Importer
Comment 2 2021-08-22 08:18:15 PDT
<rdar://problem/82217976>
Geoffrey Garen
Comment 3 2021-10-12 15:00:39 PDT
Comment on attachment 435564 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=435564&action=review I think the general approach to allow an iframe to open an external URL, if and only if it is same origin and a top-level navigation, seems sounds, and a good way to resolve the regression. It's sound because you're right, there was never any security boundary there anyway. And, of course, we want to resolve the regression. > Source/WebCore/ChangeLog:20 > + This patch reverts r280826 and makes it legal for iframes to open external URLs makes it legal for same-origin iframes
Alexey Shvayka
Comment 4 2021-10-19 11:04:06 PDT
Created attachment 441758 [details] Patch Same idea, way better implementation that enabled nice refactoring.
Alexey Shvayka
Comment 5 2021-10-19 14:11:42 PDT
Created attachment 441796 [details] Patch Fix iOS build, ignore http/tests/navigation-policy on non-WK2, and fix isMainFrame() called on nullptr.
Geoffrey Garen
Comment 6 2022-01-12 11:11:29 PST
Comment on attachment 441796 [details] Patch r=me I recommend double-checking where the ShouldOpenExternalURLsPolicy originates in the navigation request, and verifying that it enforces a main frame requirement.
Ahmad Saleem
Comment 7 2022-10-10 14:09:24 PDT
Checking via BugID, it seems this r+ patch didn't landed. Is this needed now? Thanks!
Note You need to log in before you can comment on or make changes to this bug.