Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mention sessionStorage copying in logic for creating auxiliary browsing contexts #2681

Closed
mystor opened this issue May 15, 2017 · 5 comments
Closed

Mention sessionStorage copying in logic for creating auxiliary browsing contexts #2681

mystor opened this issue May 15, 2017 · 5 comments
Labels
topic: frames/navigables/browsing contexts topic: navigation

Comments

@mystor
Copy link
Contributor

mystor commented May 15, 2017

When opening a new auxiliary browsing context, SessionStorage defines its behavior (that the Storage object is copied, but not shared with, the new toplevel window) here: https://html.spec.whatwg.org/multipage/webstorage.html#the-sessionstorage-attribute

This is not mentioned in the logic flow for creating a new auxiliary browsing context, for example, in the named window resolution logic here: https://html.spec.whatwg.org/multipage/browsers.html#noopener. This creates some spooky action-at-a-distance where sessionStorage logic must be run in this codepath but is not mentioned.

This should be refactored so that the sessionStorage behavior is mentioned when creating a new auxiliary browsing context (probably here: https://html.spec.whatwg.org/multipage/browsers.html#creating-a-new-browsing-context).

cc @annevk
@mystor
Copy link
Contributor Author

mystor commented May 15, 2017

Another note: when opening a new window with noopener, we currently follow all steps for creating a new window, including copying sessionStorage from the existing window into the new window. This seems undesirable as we want noopener to imply that the opened window is not an auxiliary browsing context (from my understanding). I imagine that web developers would not expect a new window opened with noopener to get a copy of sessionStorage from the original window.

This is currently the behavior in both Chrome and Firefox (haven't tested any other browsers).

@mystor
Copy link
Contributor Author

mystor commented May 15, 2017

Also cc-ing @bzbarsky re the second comment above, as he probably has thoughts.

@annevk
Copy link
Member

annevk commented May 15, 2017

cc @mikewest

@bzbarsky
Copy link
Contributor

Ideally we wouldn't copy sessionStorage for the noopener case, yes. Not sure about the noreferrer case; again ideally it would work that way but webcompat is worrisome.

@mikewest
Copy link
Member

I agree with both @mystor and @bzbarsky that we probably shouldn't be copying sessionStorage over to the newly created noopener window. I bet we can get away with doing the same for noreferrer, since this is a fairly niche case.

@mystor mystor mentioned this issue Jul 12, 2017
Merged
@domenic domenic closed this as completed in a68a1f7 Sep 5, 2017
@patricia-gallardo patricia-gallardo mentioned this issue Oct 9, 2018
Closed
alice pushed a commit to alice/html that referenced this issue Jan 8, 2019
@mystor
Make noopener stop the copying of session storage
a5e913a 
This was discussed in whatwg#2681.

Tests: https://bugzilla.mozilla.org/show_bug.cgi?id=1372662

Also fixes whatwg#2681's original issue by relocating the copying logic to the
place where new browsing contexts are actually created, instead of it
being located in the session storage portions of the spec.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
topic: frames/navigables/browsing contexts topic: navigation
Milestone
No milestone
Development

No branches or pull requests
4 participants
@mikewest @mystor @bzbarsky @annevk