Bug 232382

Summary:

Javascript URLs do not run in the right context when using frame targeting

Product:

WebKit

Reporter:

Chris Dumez <cdumez>

Component:

Page Loading

Assignee:

Chris Dumez <cdumez>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

achristensen, beidson, changseok, darin, esprehn+autocc, ews-watchlist, ggaren, gyuyoung.kim, japhet, mifenton, mkwst, sam, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Bug Depends on:

Bug Blocks:

232334

Attachments:

Description	Flags
Patch	none
Patch	none
Patch	none
Patch	none
Patch	none

Chris Dumez

Reported 2021-10-27 08:47:30 PDT

Javascript URLs do not run in the right context when using frame targeting (e.g. `<a target="foo" src="javascript:...">`).

Attachments
Patch (17.94 KB, patch) 2021-10-27 09:55 PDT, Chris Dumez	no flags	Details Formatted Diff Diff
Patch (25.93 KB, patch) 2021-10-27 13:01 PDT, Chris Dumez	no flags	Details Formatted Diff Diff
Patch (23.86 KB, patch) 2021-10-27 13:36 PDT, Chris Dumez	no flags	Details Formatted Diff Diff
Patch (27.56 KB, patch) 2021-10-27 15:42 PDT, Chris Dumez	no flags	Details Formatted Diff Diff
Patch (27.15 KB, patch) 2021-11-03 09:30 PDT, Chris Dumez	no flags	Details Formatted Diff Diff
Show Obsolete (4) View All Add attachment proposed patch, testcase, etc.

Chris Dumez

Comment 1 2021-10-27 09:55:12 PDT

Created attachment 442600 [details] Patch

Chris Dumez

Comment 2 2021-10-27 13:01:10 PDT

Created attachment 442624 [details] Patch

Chris Dumez

Comment 3 2021-10-27 13:36:10 PDT

Created attachment 442627 [details] Patch

Chris Dumez

Comment 4 2021-10-27 15:42:35 PDT

Created attachment 442640 [details] Patch

Chris Dumez

Comment 5 2021-11-01 07:37:43 PDT

ping review?

Radar WebKit Bug Importer

Comment 6 2021-11-03 08:48:18 PDT

<rdar://problem/84976051>

Alex Christensen

Comment 7 2021-11-03 08:52:55 PDT

Comment on attachment 442640 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=442640&action=review > LayoutTests/imported/w3c/web-platform-tests/html/browsers/browsing-the-web/navigating-across-documents/010-expected.txt:2 > +FAIL Link with onclick form submit to javascript url with delayed document.write and href navigation assert_equals: expected "href" but got "write" Chrome and Firefox pass this test. While this appears to be a step in the right direction, do you know what it would take to pass?

Chris Dumez

Comment 8 2021-11-03 08:55:29 PDT

Comment on attachment 442640 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=442640&action=review >> LayoutTests/imported/w3c/web-platform-tests/html/browsers/browsing-the-web/navigating-across-documents/010-expected.txt:2 >> +FAIL Link with onclick form submit to javascript url with delayed document.write and href navigation assert_equals: expected "href" but got "write" > > Chrome and Firefox pass this test. While this appears to be a step in the right direction, do you know what it would take to pass? I explained it in the changelog. I haven't done a full investigation yet but I suspect it is because we're running the Javascript URL synchronously in the form submission case. However, I tried running the JavaScript URL asynchronously and this caused some other side effects and other test failures so I am not making that change in this patch.

EWS

Comment 9 2021-11-03 09:00:21 PDT

Tools/Scripts/svn-apply failed to apply attachment 442640 [details] to trunk. Please resolve the conflicts and upload a new patch.

Chris Dumez

Comment 10 2021-11-03 09:30:10 PDT

Created attachment 443204 [details] Patch

EWS

Comment 11 2021-11-03 10:28:46 PDT

Committed r285214 (243839@main): <https://commits.webkit.org/243839@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 443204 [details].

Note You need to log in before you can comment on or make changes to this bug.