Hm, I wasn't careful enough when I checked the spec yesterday, I guess. I notice that <object> seems to fire an error event on HTTP error <https://html.spec.whatwg.org/multipage/iframe-embed-object.html#:~:text=If%20the%20load%20failed%20(e.g.%20there%20was%20an%20HTTP%20404%20error%2C%20there%20was%20a%20DNS%20error)%2C%20fire%20an%20event%20named%20error%20at%20the%20element%2C%20then%20jump%20to%20the%20step%20below%20labeled%20fallback.>. Is that not leaky in the same way?
Daniel On Wed, 17 Nov 2021 at 12:16, K. Moon <[email protected]> wrote: > There's no generic way to do this, as it would leak information. I don't > think this route is worth exploring. > > On Wed, Nov 17, 2021, 11:44 AM Tibor Goldschwendt <[email protected]> > wrote: > >> We explored postMessages for a bit, too. IIUC, this would only solve the >> success case properly though. But how do we know the iframe is broken? Not >> receiving the postMessage could also mean the iframe hasn't completed >> loading yet. >> >> On Wed, Nov 17, 2021 at 11:34 AM Domenic Denicola <[email protected]> >> wrote: >> >>> The "error" event does not fire on iframes though, precisely because we >>> don't want to leak information cross-origin. >>> >>> Pages generally deal with broken iframes, in cases where they need to, >>> by noticing that the iframe has not sent them the message they expect. (Via >>> parent.postMessage() from inside the iframe.) That is, they use an opt-in >>> protocol where the iframed page must affirmatively decide what information >>> to send cross-origin. >>> >>> On Wed, Nov 17, 2021 at 2:24 PM Daniel Cheng <[email protected]> >>> wrote: >>> >>>> The iframe element supports "load" and "error event listeners. Is the >>>> exact HTTP error needed? Or does the feature just need to know if it >>>> succeed or not? >>>> >>>> Daniel >>>> >>>> On Wed, 17 Nov 2021 at 11:19, Tibor Goldschwendt <[email protected]> >>>> wrote: >>>> >>>>> +Nasko Oskov <[email protected]> >>>>> >>>>> Thanks, Kahmy. Adding custom code in the browser process is another >>>>> avenue I'm exploring. Generally though, how do pages deal with broken >>>>> iframes? >>>>> >>>>> On Wed, Nov 17, 2021 at 6:39 AM K. Moon <[email protected]> wrote: >>>>> >>>>>> This would violate the same-origin policy, so I don't think you can >>>>>> do this within Blink, but given this is a chrome: page, maybe you could >>>>>> add >>>>>> some code in the browser to give this information to you. >>>>>> >>>>>> On Tue, Nov 16, 2021, 4:40 PM Tibor Goldschwendt <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Hi Blink Dev! >>>>>>> >>>>>>> Is there any way to get the HTTP return code of a cross-domain >>>>>>> iframe? FWIW, the hosting page has the chrome:// scheme while the iframe >>>>>>> has https:// scheme. From my limited testing I receive the load >>>>>>> <https://developer.mozilla.org/en-US/docs/Web/API/Window/load_event> >>>>>>> event >>>>>>> in all scenarios but couldn't find a way to query whether the load >>>>>>> succeeded. I also tried window.addEventListener('error', ...) and >>>>>>> iframe.addEventListener('error', ...) without any luck. >>>>>>> >>>>>>> Best regards, >>>>>>> Tibor >>>>>>> >>>>>>> -- >>>>>>> You received this message because you are subscribed to the Google >>>>>>> Groups "blink-dev" group. >>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>> send an email to [email protected]. >>>>>>> To view this discussion on the web visit >>>>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAFgr3n%2B8i%2BNQNSJY0DFab9JrXG0QTq3W473t-beRtPYbLn1XjA%40mail.gmail.com >>>>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAFgr3n%2B8i%2BNQNSJY0DFab9JrXG0QTq3W473t-beRtPYbLn1XjA%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>>>> . >>>>>>> >>>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "blink-dev" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to [email protected]. >>>>> To view this discussion on the web visit >>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAFgr3nL-J4A0bQuXnU1Ns-eUYLNqVV65KZLeY3HuiPuBYQQmiQ%40mail.gmail.com >>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAFgr3nL-J4A0bQuXnU1Ns-eUYLNqVV65KZLeY3HuiPuBYQQmiQ%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>> . >>>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "blink-dev" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAF3XrKpDqd9ixPDOFiOu7NjMpmMm62nD0JxzBxyHfLmTJhr0PA%40mail.gmail.com >>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAF3XrKpDqd9ixPDOFiOu7NjMpmMm62nD0JxzBxyHfLmTJhr0PA%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAF3XrKr7rHkzv9CeasJCK8pw_i5rW_oeWq7MqAi5zqGrMtP%3DwA%40mail.gmail.com.
