98408 – Clarify the "unsafe JavaScript attempt to access ..." message.

Bug 98408 - Clarify the "unsafe JavaScript attempt to access ..." message.

Summary: Clarify the "unsafe JavaScript attempt to access ..." message.

Status:	NEW

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebCore Misc. (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:

Depends on:	43504
Blocks:	97978
	Show dependency tree / graph

Reported:	2012-10-04 07:49 PDT by Mike West
Modified:	2012-10-04 07:50 PDT (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Mike West 2012-10-04 07:49:23 PDT

Report from a user, with regard to the "Unsafe JavaScript attempt to access frame with URL $X from frame with URL $Y. Domains, protocols and ports must match." console warning:  "What was accessed? What was unsafe about it? Which one(s) of domain, protocol, and port didn't match? Why does this error spam the console in apps (e.g. Gmail) that continue to work perfectly?"

We've made a few changes to this (sandboxing, for example), but we can certainly do more to provide some context. This at least partially overlaps with 43504.

Comment 1 Mike West 2012-10-04 07:50:48 PDT

Two users specifically complained about Vimeo's player generating this error, might be a good place to start.