Open Bug 1195831 Opened 9 years ago Updated 2 years ago

sandboxed iframe allows unpreventable top navigation via backspace key

Categories

(Core :: DOM: UI Events & Focus Handling, defect)

Product:
Core
Component:
DOM: UI Events & Focus Handling
Version:
40 Branch
Type:
defect

Tracking

()

People

(Reporter: jason, Unassigned)

References

Details

Attachments

(1 file)

sandboxed-iframe-back-nav-example.html
477 bytes, text/html
Details 
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0
Build ID: 20150807085045

Steps to reproduce:

1. Create a page with a sandboxed <iframe> that uses a keydown event handler to preventDefault() on Backspace (to prevent accidental Back navigation)
2. Navigate to the page from Step 1
3. Click inside the sandboxed <iframe>
4. Hit the Backspace key


Actual results:

Back navigation!, even though top-level navigation should be disallowed due to sandbox attribute. And top-level document's onkeydown event was not raised, making the top-level navigation unpreventable. Since the iframe is sandboxed, I can't add script in the iframe's document to detect Backspace key unless I use sandbox="allow-scripts".


Expected results:

If Backspace key inside an <iframe> can perform top-level Back navigation, then that key event should be observable (and preventable) within the context of the top-level window (and/or be observable on the <iframe> element itself).
Same behavior in IE and Chrome as well.

Chromium bug report:
https://code.google.com/p/chromium/issues/detail?id=522120
Related: bug 1041377
Component: Untriaged → Keyboard Navigation
Product: Core → Firefox
Component: Keyboard Navigation → Keyboard: Navigation
Depends on: 1041377
Product: Firefox → Core
Status: UNCONFIRMED → NEW
Ever confirmed: true
Component: Keyboard: Navigation → User events and focus handling
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: