116065 – Consider mixed-content iframes to be mixed script instead of mixed display

NEW116065

Consider mixed-content iframes to be mixed script instead of mixed display

https://bugs.webkit.org/show_bug.cgi?id=116065

Summary Consider mixed-content iframes to be mixed script instead of mixed display

Ryosuke Niwa

Reported 2013-05-13 15:56:25 PDT

Consider merging https://chromium.googlesource.com/chromium/blink/+/168c1f03b852ffb3c458ed84110b6cc0b9465d50 Consider mixed-content iframes to be mixed script instead of mixed display. BUG=238484 TEST=http/tests/security/mixedContent/* R=abarth@chromium.org, tsepez@chromium.org

Attachments
Add attachment proposed patch, testcase, etc.

Alexey Proskuryakov

Comment 1 2013-05-21 10:30:51 PDT

Ahmad Saleem

Comment 2 2022-09-14 16:17:40 PDT

Webkit still refers to canDisplayInsecureContent rather than canRunInsecureContent here: https://github.com/WebKit/WebKit/blob/67d5c3c96c45eee8948e370d8fb79908199b180e/Source/WebCore/loader/DocumentLoader.cpp#L705 and I think it is "top" rather than "parent" level, is it good fix still? Thanks!

Note You need to log in before you can comment on or make changes to this bug.

Status NEW

Resolution

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware Unspecified

OS Unspecified

Product WebKit

Component Page Loading

Assignee

Nobody

Reported

2013-05-13 15:56 PDT

Modified

2022-09-14 18:10 PDT History

CC List

7 users Show

URL

Keywords BlinkMergeCandidate

Depends on

Blocks