[whatwg] Confirming understanding about window.location's interaction with sandboxed seamless iframes

Adam Barth w3c at adambarth.com
Wed Apr 11 23:18:25 PDT 2012


We ran into a tricky case in implementing seamless today, and I'd like
to make sure we did the right thing.  Consider the following markup:

<iframe seamless srcdoc="<script>window.location =
'http://example.com/';</script>"></iframe>

According to the rules for navigating seamless iframes, when the child
frame assigns to window.location, the browser will navigate the parent
frame.  Now, what happens if you add in sandbox:

<iframe seamless sandbox="allow-scripts"
srcdoc="<script>window.location =
'http://example.com/';</script>"></iframe>

In this case, navigating the parent is blocked because the sandbox
prevents the child from navigating it's parent.  Therefore, the
navigation just fails.  There's a full test case up on GitHub if
that's helpful to you:

https://github.com/eseidel/webkit/blob/seamless/LayoutTests/fast/frames/seamless/seamless-window-location-sandbox.html

Please let us know if we've misunderstood the interactions between
these three features.

Thanks!
Adam


More information about the whatwg mailing list