Creating a blob in an iframe, then navigating the iframe to that blob url, then accessing the iframe contents from parent document, gets SecurityError #25080
Labels
A-content/script
Related to the script thread
Projects
Comments
|
Based on an experience I had a couple years ago with making the blob API work across browsers, I would guess that the Chrome TIMEOUT on this test is because of expiring the blob URL too early. I don't think that would ever give a SecurityError though, so our problem is probably origin-related and not expiration-related. |
|
We might be treating the blob URL as cross-origin to the iframe's parent's document when we load it. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
WPT html/webappapis/dynamic-markup-insertion/opening-the-input-stream/location-set-and-document-open.html attempts this. The iframe in question is created by createElement, so it's presumably about:blank initially, which could complicate the matter of determining the blob's origin.
Instead of either seeing the expected PASS or the unexpected-but-possible FAIL in the iframe's textContent, this test just gets a SecurityError trying to read into the iframe. Chrome and Edge also fail this test, but not via SecurityError.
The text was updated successfully, but these errors were encountered: