@mikewest Can you please explain what the specific special case for file:// Chrome has from the normal navigation security checks it does? See https://bugzilla.mozilla.org/show_bug.cgi?id=1615979#c5 … and the described file:// testcase inhttps://bugzilla.mozilla.org/show_bug.cgi?id=1615979#c4 …
In particular, my brief read of https://cs.chromium.org/chromium/src/third_party/blink/renderer/core/frame/location.cc?l=259&rcl=1a14f7e082dcb259885b2d4f1b7c543ca6f8093c … and the code in CanNavigate suggests this should be disallowed by the security checks there....
-
-
Commented on the bug, thanks for the ping!
-
Thanks. I think you misunderstood the test scenario, but the code you linked to certainly looks like it implements exactly the "oh, but skip the same-origin check in this case for file://" thing involved...
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.