-
Notifications
You must be signed in to change notification settings - Fork 450
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HTTP x-frame-options: deny
header makes the render process crash (77.1.12+gc63c001+chromium-77.0.3865.90)
#2779
Comments
Original changes by Masayuki Nagamachi (Bitbucket: Masayuki Nagamachi).
|
Original changes by Masayuki Nagamachi (Bitbucket: Masayuki Nagamachi).
|
Original changes by Masayuki Nagamachi (Bitbucket: Masayuki Nagamachi).
|
Interesting, the “bad IPC message” error occurs when loading the URL in cefsimple but not cefclient in my testing on Windows 10. Here’s the call stack leading to LogBadMessage in 77.0.3865.90:
|
Original comment by Masayuki Nagamachi (Bitbucket: Masayuki Nagamachi). Confirmed that removing the following line can solve the crash issue: The content module commits a new navigation request in order to show an error page:
In addition,
As a result,
This crash issue can be simply solved by removing |
Original changes by Masayuki Nagamachi (Bitbucket: Masayuki Nagamachi).
|
Agreed, LoadString should not be called from OnLoadError. This looks like a variant of issue #2586. |
Duplicate of #2586. |
|
Issue #2781 was marked as a duplicate of this issue. |
Original report by Masayuki Nagamachi (Bitbucket: Masayuki Nagamachi).
What steps will reproduce the problem?
Run
cefsimple --url=https://erlend.oftedal.no/blog/tools/xframeoptions/
The render process crashes with the following messages:
[1009/162452.386141:INFO:CONSOLE(0)] "Refused to display 'https://erlend.oftedal.no/blog/tools/xframeoptions/frame.php?img=no&header=deny' in a frame because it set 'X-Frame-Options' to 'deny'.", source: https://erlend.oftedal.no/blog/tools/xframeoptions/ (0) [1009/162452.406430:ERROR:bad_message.cc(27)] Terminating renderer for bad IPC message, reason 216
The “reason 216” is
RFH_NO_MATCHING_NAVIGATION_REQUEST_ON_COMMIT
which is defined in //content/browser/bad_message.h. This enum was introduced at 5902535cc6e6bbdfb4698493ea608845f77328a4.The same issue occurs when loading https://www.youtube.com/.
What is the expected output? What do you see instead?
The render process shouldn’t crash even when receiving HTTP
x-frame-options: deny
header.Similar messages are shown when loading the URL with Chrome 77.0.3865.90 (Official Build) (64-bit) for Linux/Desktop. But the render process never crashes.
What version of the product are you using? On what operating system?
Found this issue when running cefsimple downloaded from http://opensource.spotify.com/cefbuilds/cef_binary_77.1.12%2Bgc63c001%2Bchromium-77.0.3865.90_linux64_client.tar.bz2.
But this issue may also occur in older versions.
The text was updated successfully, but these errors were encountered: