Bug 232382

Summary: Javascript URLs do not run in the right context when using frame targeting
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: Page LoadingAssignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, beidson, changseok, darin, esprehn+autocc, ews-watchlist, ggaren, gyuyoung.kim, japhet, mifenton, mkwst, sam, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 232334    
Attachments:
Description Flags
Patch
none
Patch
none
Patch
none
Patch
none
Patch none

Description Chris Dumez 2021-10-27 08:47:30 PDT 
Javascript URLs do not run in the right context when using frame targeting (e.g. `<a target="foo" src="javascript:...">`).
Comment 1 Chris Dumez 2021-10-27 09:55:12 PDT 
Created attachment 442600 [details]
Patch
Comment 2 Chris Dumez 2021-10-27 13:01:10 PDT 
Created attachment 442624 [details]
Patch
Comment 3 Chris Dumez 2021-10-27 13:36:10 PDT 
Created attachment 442627 [details]
Patch
Comment 4 Chris Dumez 2021-10-27 15:42:35 PDT 
Created attachment 442640 [details]
Patch
Comment 5 Chris Dumez 2021-11-01 07:37:43 PDT 
ping review?
Comment 6 Radar WebKit Bug Importer 2021-11-03 08:48:18 PDT 
<rdar://problem/84976051>
Comment 7 Alex Christensen 2021-11-03 08:52:55 PDT 
Comment on attachment 442640 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=442640&action=review

> LayoutTests/imported/w3c/web-platform-tests/html/browsers/browsing-the-web/navigating-across-documents/010-expected.txt:2
> +FAIL Link with onclick form submit to javascript url with delayed document.write and href navigation  assert_equals: expected "href" but got "write"

Chrome and Firefox pass this test.  While this appears to be a step in the right direction, do you know what it would take to pass?
Comment 8 Chris Dumez 2021-11-03 08:55:29 PDT 
Comment on attachment 442640 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=442640&action=review

>> LayoutTests/imported/w3c/web-platform-tests/html/browsers/browsing-the-web/navigating-across-documents/010-expected.txt:2
>> +FAIL Link with onclick form submit to javascript url with delayed document.write and href navigation  assert_equals: expected "href" but got "write"
> 
> Chrome and Firefox pass this test.  While this appears to be a step in the right direction, do you know what it would take to pass?

I explained it in the changelog. I haven't done a full investigation yet but I suspect it is because we're running the Javascript URL synchronously in the form submission case.

However, I tried running the JavaScript URL asynchronously and this caused some other side effects and other test failures so I am not making that change in this patch.
Comment 9 EWS 2021-11-03 09:00:21 PDT 
Tools/Scripts/svn-apply failed to apply attachment 442640 [details] to trunk.
Please resolve the conflicts and upload a new patch.
Comment 10 Chris Dumez 2021-11-03 09:30:10 PDT 
Created attachment 443204 [details]
Patch
Comment 11 EWS 2021-11-03 10:28:46 PDT 
Committed r285214 (243839@main): <https://commits.webkit.org/243839@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 443204 [details].