Bug 198745 - To block automatic download in sandboxed iframe
Summary: To block automatic download in sandboxed iframe
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: Frames (show other bugs)
Version: WebKit Nightly Build
Hardware: All All
: P2 Normal
Assignee: Nobody
Keywords: InRadar
Depends on:
Reported: 2019-06-10 22:38 PDT by yaoxia
Modified: 2020-02-28 23:45 PST (History)
7 users (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description yaoxia 2019-06-10 22:38:12 PDT
Preventing automatic download in sandboxed iframe should be the default as downloads can bring security vulnerabilities to the system.

I'm hoping to see implementer interest.

whatwg/html discussion: https://github.com/whatwg/html/issues/3236
PR: https://github.com/whatwg/html/pull/4293
WPT (already checked in): https://github.com/web-platform-tests/wpt/commit/245334dcc1695c3dbc4e1fcdbe849224234093fc
Comment 1 Radar WebKit Bug Importer 2019-06-11 00:55:17 PDT