Bug 251595

Summary:

Affects teads.tv: about:blank nested twice inside other about:blank frames doesn’t load

Product:

WebKit

Reporter:

Matthieu Wipliez <matthieu.wipliez>

Component:

Frames

Assignee:

Ryosuke Niwa <rniwa>

Status:

RESOLVED FIXED

Severity:

Major

CC:

jskinner, karlcow, rniwa, simon.fraser, suyash.kushwaha, webkit-bug-importer

Priority:

Keywords:

BrowserCompat, InRadar

Version:

Safari Technology Preview

Hardware:

All

OS:

Unspecified

See Also:

https://bugs.webkit.org/show_bug.cgi?id=251592

Attachments:

Description	Flags
rendering of iframe 3	none
rendering in safari, firefox, chrome	none
testcase	none
rendering in safari, firefox, chrome for testcase	none

Matthieu Wipliez

Reported 2023-02-02 08:44:30 PST

This seems somewhat related to bug #251592 When creating nested iframes dynamically in JavaScript, only the first 2 iframes are correctly rendered. It is necessary to use "document.write" to force the iframes to render properly on Safari (expect notably on Safari 16.3 as the aforementioned bug shows). Steps to reproduce : Go to the URL: https://sample.teads.net/demo/bugs/safari-nested-iframe.html Scroll down to the red rectangle Observe that you see "hey there 0" and "hey there 1". Expected: "hey there 0", "hey there 1", "hey there 2", "hey there 3". Open the page on Firefox or Chrome, and witness the expected behavior. I'm marking this as "Major" rather than "Critical" only because there is a workaround thanks to document.write.

Attachments
rendering of iframe 3 (27.04 KB, image/png) 2023-02-09 00:17 PST, Karl Dubost	no flags	Details
rendering in safari, firefox, chrome (902.94 KB, image/png) 2024-01-14 22:47 PST, Karl Dubost	no flags	Details
testcase (1.45 KB, text/html) 2024-08-22 23:06 PDT, Karl Dubost	no flags	Details
rendering in safari, firefox, chrome for testcase (145.24 KB, image/png) 2024-08-22 23:08 PDT, Karl Dubost	no flags	Details
View All Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2023-02-06 15:52:08 PST

<rdar://problem/105102996>

Karl Dubost

Comment 2 2023-02-09 00:17:35 PST

Created attachment 464920 [details] rendering of iframe 3 This is nested iframe 3 in blue.

Matthieu Wipliez

Comment 3 2023-02-14 09:47:28 PST

The nested iframe should appear within the others, no?

Karl Dubost

Comment 4 2023-11-13 18:44:48 PST

This might have been fixed by https://github.com/apple/WebKit/pull/380

Karl Dubost

Comment 5 2023-11-13 18:45:16 PST

Matthieu could you confirm?

Matthieu Wipliez

Comment 6 2024-01-12 06:56:53 PST

Hi Karl, sorry I have been out of office for a while. The bug is still present in Safari 17.1.2 as well as in Safari Technology Preview 17.4. The code works fine in both Chrome and Firefox latest versions.

Karl Dubost

Comment 7 2024-01-14 22:47:43 PST

Created attachment 469401 [details] rendering in safari, firefox, chrome iframe 2 and 3 are not visible the same way than they are visible in Firefox/Chrome. Confirmed that this is still happening in STP Release 185 (Safari 17.4, WebKit 19618.1.9.8) STP Release 186 (Safari 17.4, WebKit 19618.1.10.1.1)

Karl Dubost

Comment 8 2024-01-15 16:55:58 PST

<rdar://121021077>

Suyash Kushwaha

Comment 9 2024-08-06 15:57:42 PDT

Hi Karl, We have been experiencing this issue for a bit as well. The document.write workaround doesn't work for us either; perhaps we are doing something wrong.

Suyash Kushwaha

Comment 10 2024-08-15 15:51:04 PDT

We just found out that adding srcset="" to the iframe is another workaround that can be used to get past this bug.

Karl Dubost

Comment 11 2024-08-22 23:06:04 PDT

Created attachment 472275 [details] testcase I simplified the testcase so we could see better the iframes. Remove CSS properties which were not necessary such as z-index, etc.

Karl Dubost

Comment 12 2024-08-22 23:08:40 PDT

Created attachment 472276 [details] rendering in safari, firefox, chrome for testcase This was tested on Safari Technology Preview 201 20620.1.2 Firefox Nightly 131.0a1 13124.8.21 Google Chrome Canary 130.0.6672.0 6672.0 while the 4 iframes are inside the DOM, * we can only see 2 of them in Safari. * we can see the 4 of them in Chrome and Firefox.

Karl Dubost

Comment 13 2024-08-22 23:22:03 PDT

There seems to be a cutoff limit. Increasing n, we can discover some limits. Safari renders 2 Firefox renders 8 Chrome renders 100+

Matthieu Wipliez

Comment 14 2024-10-11 02:28:40 PDT

Hi Karl, do you have any news for this bug? Thanks, Matthieu

Karl Dubost

Comment 15 2024-10-11 04:27:18 PDT

This is the assigned bug, so if there is more news coming about it, it will show up here. :)

Justin Skinner

Comment 16 2024-10-11 08:47:32 PDT

I would argue that this should be considered ‘Critical’ rather than ‘Major’ because the workaround using document.write is not advisable due to security concerns, as it is susceptible to cross-site scripting (XSS) attacks.

Matthieu Wipliez

Comment 17 2025-04-01 02:18:31 PDT

Hey there! I saw the release notes for Safari 18.4 today, and this bug is still present in Safari 18.4 Technology Preview 😭

Karl Dubost

Comment 18 2025-04-01 15:08:06 PDT

rdar://148373033

Karl Dubost

Comment 19 2025-04-01 15:08:30 PDT

Matthieu, you are right I opened a new radar for it.

Karl Dubost

Comment 20 2025-04-01 15:14:40 PDT

Matthieu Do you know about a live website which is affected by this issue? That would be super helpful in addition to the nice testcase.

Matthieu Wipliez

Comment 21 2025-04-02 00:38:04 PDT

Hi Karl, unfortunately not a website, but it affects our business (ad rendering). For instance see: https://wigo.teads.tv/teads-tag-demo.html?vast=https://wigo.teads.tv/livedebug/upload/display-vast-1742908864025_saved.xml&format=display&celtra=true&teadsWigoDebug=enableFromAdSettings_1742908920740 This works on Chrome and Firefox, but not on Safari. Hope this helps, Matthieu

Karl Dubost

Comment 22 2025-04-02 01:06:17 PDT

Thanks, that's useful information.

Matthieu Wipliez

Comment 23 2025-11-14 00:37:10 PST

Hi Karl, do you have any news on this bug? If nobody at Apple is willing to fix this, could you perhaps guide me so I can try to fix it? I bet that other companies (especially in the ad tech sector) could benefit from this bug being fixed. Thanks, Matthieu

Ryosuke Niwa

Comment 24 2026-01-08 17:29:52 PST

Pull request: https://github.com/WebKit/WebKit/pull/56301

Ryosuke Niwa

Comment 25 2026-01-08 18:34:28 PST

<rdar://167813064>

Ryosuke Niwa

Comment 26 2026-01-08 18:35:00 PST

<rdar://148373033>

Ryosuke Niwa

Comment 27 2026-01-09 13:38:31 PST

Waiting on perf A/B testing results.

EWS

Comment 28 2026-01-09 23:49:36 PST

Committed 305404@main (d49e3f1c1997): <https://commits.webkit.org/305404@main> Reviewed commits have been landed. Closing PR #56301 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.