On an <object> with data="data:image/svg+xml,<?xml..." i am not allowd to access the objectElement.contentDocument. The followin error is given: Unsafe JavaScript attempt to access frame with URL data:image/svg+xml,%3C?xml%20version=%221 ... 94%3C/text%3E%3C/g%3E%3C/svg%3E from frame with URL http://local.domain.tld/html/. Domains must match. Since the object was created from the current document, one would expect to be able to access it.
Created attachment 14804 [details] HTML file that creates an SVG object and attempts to access its contentDocument
Confirmed with a local debug build of WebKit r21911 with Safari 2.0.4 (419.3) on Mac OS X 10.4.9 (8P135). JavaScript Console: Unsafe JavaScript attempt to access frame with URL data:image/svg+xml,%3C?xml%20version=%221.0%22%20encoding=%22UTF-8%22?%3E%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20xmlns:xlink=%22http://www.w3.org/1999/xlink%22%20version=%221.1%22%20baseProfile=%22full%22%20width=%22100%%22%20height=%22100%%22%20viewBox=%220%200%20350%20235%22%3E%3Crect%20x=%220%22%20y=%2233%22%20width=%22350%22%20height=%22133%22%20fill=%22red%22/%3E%3C/svg%3E from frame with URL http://bugs.webkit.org/attachment.cgi?id=14804. Domains must match.
This is a consequence of WebKit treating data URLs as having a unique origin. There's been some debate about whether we should change that behavior globally. If/when we do that, this bug will be fixed as a consequence.