198745 – To block automatic download in sandboxed iframe

NEW 198745

To block automatic download in sandboxed iframe

https://bugs.webkit.org/show_bug.cgi?id=198745

Summary To block automatic download in sandboxed iframe

yaoxia

Reported 2019-06-10 22:38:12 PDT

Preventing automatic download in sandboxed iframe should be the default as downloads can bring security vulnerabilities to the system. I'm hoping to see implementer interest. whatwg/html discussion: https://github.com/whatwg/html/issues/3236 PR: https://github.com/whatwg/html/pull/4293 WPT (already checked in): https://github.com/web-platform-tests/wpt/commit/245334dcc1695c3dbc4e1fcdbe849224234093fc

Attachments
Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2019-06-11 00:55:17 PDT

Note You need to log in before you can comment on or make changes to this bug.

Status NEW

Resolution

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware All

OS All

Product WebKit

Component Frames

Assignee

Nobody

Reported

2019-06-10 22:38 PDT

Modified

2020-02-28 23:45 PST History

CC List

7 users Show

URL

Keywords InRadar

Depends on

Blocks