From 965237efb8327e8df999902cc203d32c107afcbb Mon Sep 17 00:00:00 2001 From: MacDue Date: Thu, 25 Aug 2022 19:06:18 +0100 Subject: [PATCH] LibWeb: Don't return an opaque origin for file:// URLs The protocol of the origin is used for checking if the a file:// iframe is allowed to be loaded (a document with a file:// origin can load other files in iframes). This used to be the case, but was changed in 6e71e400e696a92bbc2a69e6a59efddc29b926ce, which broke file:// iframes. --- Userland/Libraries/LibWeb/HTML/BrowsingContext.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Userland/Libraries/LibWeb/HTML/BrowsingContext.cpp b/Userland/Libraries/LibWeb/HTML/BrowsingContext.cpp index e45dba2e6d..f9aedf8563 100644 --- a/Userland/Libraries/LibWeb/HTML/BrowsingContext.cpp +++ b/Userland/Libraries/LibWeb/HTML/BrowsingContext.cpp @@ -52,7 +52,8 @@ static HTML::Origin url_origin(AK::URL const& url) if (url.scheme() == "file"sv) { // Unfortunate as it is, this is left as an exercise to the reader. When in doubt, return a new opaque origin. - return HTML::Origin {}; + // Note: We must return an origin with the `file://' protocol for `file://' iframes to work from `file://' pages. + return HTML::Origin(url.protocol(), String(), 0); } return HTML::Origin {};