RESOLVED FIXED 104363
fast/frames/sandboxed-iframe-scripting.html contains very misleading comments. 
https://bugs.webkit.org/show_bug.cgi?id=104363
Summary fast/frames/sandboxed-iframe-scripting.html contains very misleading comments.
Mike West
Reported 2012-12-07 04:27:14 PST
http://trac.webkit.org/browser/trunk/LayoutTests/fast/frames/sandboxed-iframe-scripting.html claims to verify that "removing the sandbox='allow-scripts' attribute at runtime prevents new scripts from launching, but existing ones keep running.". It does not verify this. Not only does it not verify this, it shouldn't verify this, as the spec states: "These flags only take effect when the nested browsing context of the iframe is navigated. Removing them, or removing the entire sandbox attribute, has no effect on an already-loaded page." I'm trying to add console warnings for blocked JavaScript, and this case confused me for longer than I care to admit in a public forum. :)
Attachments
Patch (4.33 KB, patch)
2012-12-07 04:39 PST, Mike West 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Mike West
Comment 1 2012-12-07 04:33:45 PST
(In reply to comment #0) > Not only does it not verify this, it shouldn't verify this, as the spec states: "These flags only take effect when the nested browsing context of the iframe is navigated. Removing them, or removing the entire sandbox attribute, has no effect on an already-loaded page." http://www.whatwg.org/specs/web-apps/current-work/multipage/the-iframe-element.html#attr-iframe-sandbox In short, we're doing the right thing, but the comments make it sound like the wrong thing. I'll put up a patch in a moment to clear up the comments. :)
Mike West
Comment 2 2012-12-07 04:39:06 PST
Created attachment 178197 [details] Patch
Mike West
Comment 3 2012-12-07 04:40:04 PST
Hey Jochen, would you be comfortable reviewing this change?
Mike West
Comment 4 2012-12-07 10:45:41 PST
Comment on attachment 178197 [details] Patch Thanks, Darin.
WebKit Review Bot
Comment 5 2012-12-07 10:50:44 PST
Comment on attachment 178197 [details] Patch Clearing flags on attachment: 178197 Committed r136963: <http://trac.webkit.org/changeset/136963>
WebKit Review Bot
Comment 6 2012-12-07 10:50:47 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.