311323 – [Site Isolation] Cross-origin sandboxed iframe with allow-top-navigation cannot navigate parent to blob URL

RESOLVED FIXED311323

[Site Isolation] Cross-origin sandboxed iframe with allow-top-navigation cannot navigate parent to blob URL

https://bugs.webkit.org/show_bug.cgi?id=311323

Summary [Site Isolation] Cross-origin sandboxed iframe with allow-top-navigation cann...

roberto_rodriguez2

Reported 2026-04-01 22:55:29 PDT

A cross-origin sandboxed iframe with allow-top-navigation fails to navigate its parent frame to a blob URL when site isolation is enabled. The navigation is blocked and the blob URL's CSP is not enforced. Related layout test: imported/w3c/web-platform-tests/content-security-policy/inheritance/blob-url-inherits-from-initiator.sub.html

Attachments
Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2026-04-01 22:55:36 PDT

<rdar://problem/173912331>

roberto_rodriguez2

Comment 2 2026-04-01 23:11:27 PDT

Pull request: https://github.com/WebKit/WebKit/pull/61887

EWS

Comment 3 2026-04-06 11:41:40 PDT

Committed 310657@main (b76414d79a7a): <https://commits.webkit.org/310657@main> Reviewed commits have been landed. Closing PR #61887 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component New Bugs

Assignee

Nobody

Reported

2026-04-01 22:55 PDT

Modified

2026-04-06 11:41 PDT History

CC List

1 user Show

URL

Keywords InRadar

Depends on

Blocks