The steps to create a receiving browsing context set the sandboxed top-level navigation browsing context flag [1]. According to the HTML 5.1 navigation algorithm [1], this only applies when nested browsing contexts attempt to navigate their top browsing context, so it does not make sense for the original receiving browsing context (only, possibly, nested browsing contexts inside it).
We could also set the sandboxed navigation browsing context flag, which would block navigation for browsing contexts other than the receiving browsing context. But I don't see a way to block a top-level browsing context from navigating itself - at least through the sandboxing flags defined in HTML.
I would suggest removing the sandboxed top-level navigation browsing context flag and adding a normative note that the receiving user agent should block top-level navigation that is not same-document, which should cover both navigation from top-level contexts and nested contexts.
All - please review this v1 issue and its proposed resolution by @mfoltzgoogle.
Unless concerns are raised by the end of this week, I'd ask @mfoltzgoogle to craft a PR per the proposal to get the spec updated. @mfoltzgoogle, thanks for identifying the issue and proposing a solution.
[1] https://www.w3.org/TR/html51/browsers.html#sandboxing
[2] https://www.w3.org/TR/html51/browsers.html#allowed-to-navigate
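
Added example, not part of the original issue or of the spec text: a simplified JavaScript model of the HTML 5.1 "allowed to navigate" steps, showing which navigations the two sandboxing flags discussed above block. The context objects, the helper names, and the omission of the "one permitted sandboxed navigator" exception are assumptions of this sketch.

```javascript
// Simplified model (an assumption of this example) of the HTML 5.1
// "allowed to navigate" check; the "one permitted sandboxed navigator"
// exception is omitted.
const TOP_NAV = "sandboxed-top-level-navigation";
const NAV = "sandboxed-navigation";

// Hypothetical helper: a browsing context with a parent and sandbox flags.
function makeContext(name, parent, flags) {
  return { name, parent: parent || null, flags: new Set(flags || []) };
}

// True when `candidate` is an ancestor browsing context of `ctx`.
function isAncestor(candidate, ctx) {
  for (let p = ctx.parent; p; p = p.parent) {
    if (p === candidate) return true;
  }
  return false;
}

// Returns true when context a may navigate context b.
function allowedToNavigate(a, b) {
  const bIsTop = b.parent === null;
  // Step 1: a sandboxed context navigating an unrelated nested context.
  if (a !== b && !isAncestor(a, b) && !bIsTop && a.flags.has(NAV)) return false;
  // Step 2: a nested context navigating its own top-level ancestor.
  if (bIsTop && isAncestor(b, a) && a.flags.has(TOP_NAV)) return false;
  // Step 3: a sandboxed context navigating an unrelated top-level context.
  if (bIsTop && b !== a && !isAncestor(b, a) && a.flags.has(NAV)) return false;
  return true;
}

// Constructed scenario: a receiving browsing context with both flags set,
// one nested frame carrying the same flags, and an unrelated top-level context.
function scenario() {
  const flags = [TOP_NAV, NAV];
  const receiver = makeContext("receiver", null, flags);
  const frame = makeContext("frame", receiver, flags);
  const other = makeContext("other", null, []);
  return {
    receiverNavigatesSelf: allowedToNavigate(receiver, receiver),
    frameNavigatesTop: allowedToNavigate(frame, receiver),
    receiverNavigatesOther: allowedToNavigate(receiver, other),
    frameNavigatesSelf: allowedToNavigate(frame, frame),
  };
}

console.log(scenario());
```

In this model no step matches a top-level context navigating itself, so neither flag blocks it, while the nested frame is stopped from navigating the top-level context.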