How do we check if an ancestor browsing context has the same URL? #25748
Labels
Comments
jdm
added
A-constellation
|
Gecko is also dealing with this right now: https://bugzilla.mozilla.org/show_bug.cgi?id=1597427 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
#3931 gave a simple case of a self-including iframe that would keep loading more of itself until running out of resources. #25668 has a fix for that simple case, but the simple fix relies on window.GetParent, and window.GetParent can only traverse same-origin browsing contexts.
If https://example1.not has an iframe src="https://example2.not" and example2 likewise embeds example1, https://html.spec.whatwg.org/multipage/iframe-embed-object.html#otherwise-steps-for-iframe-or-frame-elements step 2 tells us to stop, and the spec is phrased as though we can perform this step synchronously. Since scripts in different origins actually aren't synchronous, we can't do this just by walking through DOM elements; we need to use messages to do it, and it's conceivable that an ancestor will actually change the browsing context chain between when we start the check and when we reach that ancestor.
There was some mapping out of the problem here: #25668 (comment)
The text was updated successfully, but these errors were encountered: