WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
NEW
250418
Secure Contexts: Documents whose environment has a data: top-level creation URL are not considered a secure context.
https://bugs.webkit.org/show_bug.cgi?id=250418
Summary
Secure Contexts: Documents whose environment has a data: top-level creation U...
Ryan Reno
Reported
2023-01-10 15:26:53 PST
data:text/html,<h1>Hello World!</h1> window.isSecureContext returns false. My reading of
https://html.spec.whatwg.org/multipage/webappapis.html#secure-contexts
says we should get a result of "Potentially Trustworthy" which should imply a secure context (step 2 of the linked algorithm).
Attachments
Add attachment
proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1
2023-01-10 15:27:04 PST
<
rdar://problem/104096486
>
Ryan Reno
Comment 2
2023-01-10 16:18:04 PST
We are intentionally treating data URLs as opaque origins.
https://bugs.webkit.org/show_bug.cgi?id=11885
Ryan Reno
Comment 3
2023-01-11 18:05:57 PST
Pull request:
https://github.com/WebKit/WebKit/pull/8556
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug