Updates:
Owner: [email protected]
Comment #10 on issue 3845 by [email protected]: crash when trying to
load JS Shell bookmarklet on an https page
http://code.google.com/p/chromium/issues/detail?id=3845
OK, here is Adam's comments on that bug and on the idea of creating a
navigation entry for popup created with no URL:
-------------
The right fix for this is to propagate mixed content warnings to all
the pages in the same security origin, but that's a bug for another
day.
It's very hard to figure out which page created the popup in all the
corner cases (especially when you consider cases the involve plug-ins,
call stacks that span multiple pages, etc). Life gets more
complicated once someone calls document.open() because then the URL of
the document (and some of its security context, like its cookie
context) mutates to the URL of the of page whose script called
document.open(). In the end, its simpler and just as secure to show
about:blank.
-------------
So we'll simply ignore mixed-content and error notifications when we have
no navigation entry.
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
--~--~---------~--~----~------------~-------~--~----~
Automated mail from issue updates at http://crbug.com/
Subscription options: http://groups.google.com/group/chromium-bugs
-~----------~----~----~----~------~----~------~--~---
