!@ surrogate not running on iframe when js is enabled
Posted: Wed Jul 28, 2010 12:26 pm
Simple local web server test page (parent + iframe). Surrogate runs for both when JS is disabled, and only for the parent when JS is enabled.
NS 2.0.1
Giorgio Maone wrote: Fixed in latest development build, thanks.
Code:
<iframe src="frame.htm"></iframe>
Code:
iframe
Code:
noscript.surrogate.test.replacement;dump('test surrogate - '+document.URL+'\n');
noscript.surrogate.test.sources;!@localhost
Code:
!@http://evil.hackademix.net/test/surrogate/frames.php
Code:
document.write = function(s){ if(arguments[0]=="FAILED") arguments[0]="OK"; document.__proto__.write.apply(this, arguments) };var res=document.getElementById("res");if(res)res.innerHTML="OK";
On Minefield as well?
al_9x wrote: However, both the localhost test that I posted as well as hotmail, don't work, in the manner described in my previous post.
Just tried in "Mozilla/5.0 (Windows NT 5.1; rv:2.0b4pre) Gecko/20100806 Minefield/4.0b4pre"
Giorgio Maone wrote: On Minefield as well?
al_9x wrote: However, both the localhost test that I posted as well as hotmail, don't work, in the manner described in my previous post.
I think there is still a problem in Hotmail. @.mail.live.com/mail/InboxLight.aspx surrogate is being invoked when selecting messages. AFAICT message selection does not navigate the InboxLight.aspx iframe, it does ajax, so the surrogate should not be called.
Giorgio Maone wrote: Should be definitely fixed in latest development build for Firefox 3.6.8 and above (including 4).
I'm dropping page-level surrogate support in frames on older Firefox versions: it just seems there's no reliable way to execute them at the right time.
Page-level surrogates on Fx 3.6.8 and above are triggered by a content-document-global-created notification observer, therefore if you're positive they're invoked after an AJAX navigation (which I doubt) or twice or at the wrong time, a bug should be filed on the Mozilla bug tracker blocking https://bugzilla.mozilla.org/show_bug.cgi?id=549539
al_9x wrote: I think there is still a problem in Hotmail. @.mail.live.com/mail/InboxLight.aspx surrogate is being invoked when selecting messages. AFAICT message selection does not navigate the InboxLight.aspx iframe, it does ajax, so the surrogate should not be called.
Can you please confirm that it is indeed gecko? You have a hotmail account. Make sure you have the preview pane activated. Click on different messages in the inbox.
Giorgio Maone wrote: if you're positive they're invoked after an AJAX navigation (which I doubt)
Code:
noscript.surrogate.test.replacement;dump('test surrogate - '+document.URL+'\n');
noscript.surrogate.test.sources;@.mail.live.com/mail/InboxLight.aspx
Code:
dump("Context is " + (("test" in window) ? "OLD" : "NEW") + "!\n"); window.test = true;
Code:
addEventListener('load',function(){dump('test surrogate - '+parent.name+'\n');alert(document.documentElement.innerHTML);},false);
If the frame is empty (no src attribute or just the default about:blank) and it's written with document.write(), it "inherits" its document URL from its parent. Might this explain your observations?
al_9x wrote: so somehow the surrogate intended for the parent frame is executing for the child
Let's say that it does, DOM Inspector confirms that the document.URL of the child history iframe changes to that of the parent after message selection. The purpose of surrogates being, more often than not, DOM manipulation, it seems a worthwhile goal to try to avoid executing them in the wrong/unintended frames. Is there a reliable way to detect this URL inheriting (cross-document doc.writing) to avoid executing the surrogate? Or would you say one might actually want surrogates firing on cross doc.written frames?
Giorgio Maone wrote: Might this explain your observations?