Bug 222312 - REGRESSION(Safari 14): iframe with blob url does not work with sandboxing
Summary: REGRESSION(Safari 14): iframe with blob url does not work with sandboxing
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Frames (show other bugs)
Version: Safari 14
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: youenn fablet
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2021-02-23 07:15 PST by literalPie
Modified: 2021-04-15 02:07 PDT (History)
7 users (show)

See Also:


Attachments
Patch (4.99 KB, patch)
2021-04-14 01:03 PDT, youenn fablet
no flags Details | Formatted Diff | Diff
Patch (5.51 KB, patch)
2021-04-14 02:32 PDT, youenn fablet
no flags Details | Formatted Diff | Diff
Patch (6.33 KB, patch)
2021-04-14 08:32 PDT, youenn fablet
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description literalPie 2021-02-23 07:15:44 PST
In a site hosted with https, if an iframe is using a blob url generated from html content, and its sandbox is set to "allow-scripts", the iframe does not load the html. This works in other browsers and in Safari 13.1, but it does not work in Safari 14.0.3 (15610.4.3.1.6, 15610) or Safari Technology preview Release 120 (Safari 14.2, WebKit 15612.1.2.6).

See a reproduction here: https://stackblitz.com/edit/webkit-iframe-blob-src-bug.

It's possible that Safari is intentionally more strict about this, but I can't find any evidence that it's intentional.

This can be worked around by setting sandbox="allow-scripts allow-same-origin".
Comment 1 Radar WebKit Bug Importer 2021-03-02 07:16:24 PST
<rdar://problem/74927624>
Comment 2 Chris Dumez 2021-04-13 09:50:57 PDT
Still reproduces on r275884 so Bug 170075 did not fix this.
Comment 3 youenn fablet 2021-04-13 13:52:03 PDT
Had a quick look, it seems we need to update FrameLoader::PolicyChecker::extendBlobURLLifetimeIfNecessary.
Comment 4 youenn fablet 2021-04-14 01:03:58 PDT
Created attachment 425958 [details]
Patch
Comment 5 youenn fablet 2021-04-14 02:32:41 PDT
Created attachment 425964 [details]
Patch
Comment 6 youenn fablet 2021-04-14 08:32:20 PDT
Created attachment 425985 [details]
Patch
Comment 7 Chris Dumez 2021-04-14 09:06:31 PDT
Comment on attachment 425985 [details]
Patch

r=me, thanks for fixing.
Comment 8 EWS 2021-04-15 02:07:52 PDT
Committed r276012 (236564@main): <https://commits.webkit.org/236564@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 425985 [details].