Created attachment 45443
Simple file which embeds the Adobe Flash version checker SWF. It fails to embed if the URL to the SWF is included as a query param

Attempting to embed a SWF using the "embed" tag when the "src" attribute is also present in the document's URL fails with the error:

Refused to execute a JavaScript script. Source code of script found within request

This is happening with the latest WebKit nightly, and also in the latest Chrome beta on both Mac+Windows.

For example, the following URL correctly displays Adobe's standard Flash version checker, which is located at http://kb2.adobe.com/cps/155/tn_15507/images/flashplayerversion1.swf

http://cdn4.kongregate.com/assets/files/0000/0811/chrome_test.html

However, if I add the absolute location of the SWF as the value of a query parameter, the error message is displayed in the console, and the SWF fails to embed:

http://cdn4.kongregate.com/assets/files/0000/0811/chrome_test.html?anything=http://kb2.adobe.com/cps/155/tn_15507/images/flashplayerversion1.swf

If I slightly change that query parameter so that the URL is no longer an exact match (by removing the "f" from "swf"), everything works fine once again:

http://cdn4.kongregate.com/assets/files/0000/0811/chrome_test.html?param=http://kb2.adobe.com/cps/155/tn_15507/images/flashplayerversion1.sw

Another example:

http://www.youtube.com/watch?v=LkCNJRfSZBU - Movie loads properly
http://www.youtube.com/watch?v=LkCNJRfSZBU&breaky=http://s.ytimg.com/yt/swf/watch_as3-vfl138567.swf - Movie fails to load

This seems to be related to the XSSAuditor, but I have fairly limited knowledge of how that all works. Please excuse my ignorance if this behavior is intended. I noticed it because some of the functionality on our site was broken with Chrome 4, and have found a simple workaround for our purposes, but figured I should submit a report to you all just in case this is indeed unintended.
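The false positive described in the report above, as an added example that is not part of the bug thread and is not WebKit's code: a simplified model in which a resource is refused when its `src` appears verbatim in the decoded query string of the request. The matching rule, the function names and the sample page markup are assumptions made for illustration; the URLs are the ones from the report.

```javascript
// Simplified model (assumption, not the XSSAuditor implementation): a page
// resource counts as "reflected" when its src occurs verbatim in the decoded
// query string of the URL that requested the page.

// Decode up to three times so percent-encoded copies of the value also match.
function decodeFully(s) {
  let prev = s;
  for (let i = 0; i < 3; i++) {
    let next;
    try { next = decodeURIComponent(prev); }
    catch (e) { return prev; } // malformed escape: keep what we have so far
    if (next === prev) break;
    prev = next;
  }
  return prev;
}

// Collect the src attribute of tags that load active content.
function resourceUrls(html) {
  const re = /<(embed|script|iframe)\b[^>]*?\bsrc\s*=\s*(["'])(.*?)\2/gi;
  const found = [];
  let m;
  while ((m = re.exec(html)) !== null) {
    found.push({ tag: m[1].toLowerCase(), src: m[3] });
  }
  return found;
}

// Return the resources this model would refuse for the given request URL.
function wouldBeFlagged(requestUrl, html) {
  const q = requestUrl.indexOf('?');
  if (q === -1) return []; // no query string, nothing can be reflected
  const query = decodeFully(requestUrl.slice(q + 1));
  return resourceUrls(html).filter(r => r.src.length > 0 && query.includes(r.src));
}

// Constructed sample page: static markup, nothing is echoed from the request.
const SWF = 'http://kb2.adobe.com/cps/155/tn_15507/images/flashplayerversion1.swf';
const PAGE = '<html><body><script src="/js/site.js"></script>' +
  '<embed type="application/x-shockwave-flash" src="' + SWF + '" width="300" height="200">' +
  '</body></html>';
const BASE = 'http://cdn4.kongregate.com/assets/files/0000/0811/chrome_test.html';

for (const url of [BASE, BASE + '?anything=' + SWF, BASE + '?param=' + SWF.slice(0, -1)]) {
  const hits = wouldBeFlagged(url, PAGE).map(r => r.tag);
  console.log(hits.length ? 'refused: ' + hits.join(',') : 'allowed', '<-', url);
}
```

The page markup is identical in all three requests; only the query string changes the verdict, which is why a static page can be affected.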
We've seen this bug a couple of times. I have a fix in mind. I'll try to work it up now.
Created attachment 45451
Patch
style-queue ran check-webkit-style on attachment 45451 without any errors.
Comment on attachment 45451 (Patch)
Looks sane enough. We talked a bunch via IM and you convinced me that this was non-harmful. findInRequest(url, true, true) needs to use Enums. Could you file a bug about that?
Comment on attachment 45451 (Patch)
Clearing flags on attachment: 45451
Committed r52532: <http://trac.webkit.org/changeset/52532>
All reviewed patches have been landed. Closing bug.