You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The definition of top-level traversable was modified to always get the unfenced top-level traversable. That is, calling this algorithm from within a fenced frame tree will break past the fenced frame boundary and get the outermost traversable instead.
This change has the side effect of breaking the intended fenced functionality of window.top. That algorithm returns the active WindowProxy of the top-level traversable. However, since that algorithm is unfenced, window.top is now able to reach past a fenced frame boundary and get a frame outside of a fenced frame tree, which is something we do not want the web platform to be able to do.
The definition of top-level traversable was modified to always get the unfenced top-level traversable. That is, calling this algorithm from within a fenced frame tree will break past the fenced frame boundary and get the outermost traversable instead.
This change has the side effect of breaking the intended fenced functionality of
window.top
. That algorithm returns the activeWindowProxy
of the top-level traversable. However, since that algorithm is unfenced,window.top
is now able to reach past a fenced frame boundary and get a frame outside of a fenced frame tree, which is something we do not want the web platform to be able to do.To fix this, we should:
window.top
algorithm call the fenced version of top-level traversable.The text was updated successfully, but these errors were encountered: