Bug 32908 - "Refused to execute a JavaScript script" error when embedding SWF with a URL that is also a query parameter
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs
Version: 528+ (Nightly build)
Hardware: Macintosh Intel OS X 10.6
Importance: P2 Normal
Assignee: Nobody
URL: http://cdn4.kongregate.com/assets/fil...
Keywords: XSSAuditor
Reported: 2009-12-23 11:15 PST by vinsonb
Modified: 2009-12-23 15:22 PST (History)


Attachments
Simple file which embeds the Adobe Flash version checker SWF. It fails to embed if the URL to the SWF is included as a query param (500 bytes, text/html)
2009-12-23 11:15 PST, vinsonb
Patch (2.66 KB, patch)
2009-12-23 14:42 PST, Adam Barth

Description vinsonb 2009-12-23 11:15:47 PST
Created attachment 45443
Simple file which embeds the Adobe Flash version checker SWF. It fails to embed if the URL to the SWF is included as a query param

Attempting to embed a SWF using the "embed" tag when the "src" attribute is also present in the document's URL fails with the error:

Refused to execute a JavaScript script. Source code of script found within request

This is happening with the latest WebKit nightly, and also in the latest Chrome beta on both Mac+Windows.


For example, the following URL correctly displays Adobe's standard Flash version checker, which is located at http://kb2.adobe.com/cps/155/tn_15507/images/flashplayerversion1.swf:
http://cdn4.kongregate.com/assets/files/0000/0811/chrome_test.html

However, if I add the absolute location of the SWF as the value of a query parameter, the error message is displayed in the console, and the SWF fails to embed:
http://cdn4.kongregate.com/assets/files/0000/0811/chrome_test.html?anything=http://kb2.adobe.com/cps/155/tn_15507/images/flashplayerversion1.swf

If I slightly change that query parameter so that the URL is no longer an exact match (by removing the "f" from "swf"), everything works fine once again:
http://cdn4.kongregate.com/assets/files/0000/0811/chrome_test.html?param=http://kb2.adobe.com/cps/155/tn_15507/images/flashplayerversion1.sw

Another example:
http://www.youtube.com/watch?v=LkCNJRfSZBU - Movie loads properly
http://www.youtube.com/watch?v=LkCNJRfSZBU&breaky=http://s.ytimg.com/yt/swf/watch_as3-vfl138567.swf - Movie fails to load

This seems to be related to the XSSAuditor, but I have fairly limited knowledge of how that all works. Please excuse my ignorance if this behavior is intended. I noticed it because some of the functionality on our site was broken with Chrome 4, and have found a simple workaround for our purposes, but figured I should submit a report to you all just in case this is indeed unintended.
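The three observations in the description above, reproduced against a simplified model of a reflection check. This is an added example, not part of the original report and not WebKit's XSSAuditor code; it assumes the check percent-decodes the request URL and searches it for the attribute value as a plain substring, and the names `canonicalize`, `foundInRequest` and `auditEmbed` are hypothetical.

```javascript
// Simplified model of a reflection check (illustration only, not WebKit code).
// Assumption: the request URL is percent-decoded and the attribute value is
// then searched for as a plain substring.
function canonicalize(text) {
  let current = text;
  for (let round = 0; round < 3; round++) { // bounded, handles double encoding
    let decoded;
    try {
      decoded = decodeURIComponent(current);
    } catch (err) {
      break; // malformed escape sequence: compare what we have
    }
    if (decoded === current) break;
    current = decoded;
  }
  return current;
}

function foundInRequest(requestUrl, attributeValue) {
  return canonicalize(requestUrl).includes(canonicalize(attributeValue));
}

// Decision for an <embed src=...> on a page fetched from requestUrl.
function auditEmbed(requestUrl, embedSrc) {
  return foundInRequest(requestUrl, embedSrc) ? "refused" : "allowed";
}

// URLs from the report, plus one constructed percent-encoded variant.
const PAGE = "http://cdn4.kongregate.com/assets/files/0000/0811/chrome_test.html";
const SWF = "http://kb2.adobe.com/cps/155/tn_15507/images/flashplayerversion1.swf";
const CASES = {
  plain: PAGE,
  exactMatch: PAGE + "?anything=" + SWF,
  truncated: PAGE + "?param=" + SWF.slice(0, -1),
  encodedConstructed: PAGE + "?anything=" + encodeURIComponent(SWF),
};

function runCases() {
  const results = {};
  for (const [name, url] of Object.entries(CASES)) {
    results[name] = auditEmbed(url, SWF);
  }
  return results;
}

console.log(runCases());
```

In this model a substring match cannot distinguish markup the page author wrote from markup echoed out of the request, which is why the page's own `embed` is refused as soon as its `src` also appears in the URL.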
Comment 1 Adam Barth 2009-12-23 14:06:49 PST
We've seen this bug a couple of times. I have a fix in mind. I'll try to work it up now.
Comment 2 Adam Barth 2009-12-23 14:42:24 PST
Created attachment 45451
Patch
Comment 3 WebKit Review Bot 2009-12-23 14:49:19 PST
style-queue ran check-webkit-style on attachment 45451 without any errors.
Comment 4 Eric Seidel (no email) 2009-12-23 14:59:55 PST
Comment on attachment 45451
Patch

Looks sane enough.  We talked a bunch via IM and you convinced me that this was non-harmful.

findInRequest(url, true, true)
needs to use Enums.  Could you file a bug about that?
Comment 5 Adam Barth 2009-12-23 15:22:43 PST
Comment on attachment 45451
Patch

Clearing flags on attachment: 45451

Committed r52532: <http://trac.webkit.org/changeset/52532>
Comment 6 Adam Barth 2009-12-23 15:22:49 PST
All reviewed patches have been landed.  Closing bug.