#10771 closed defect (fixed)
Dijit._base and detecting focus within iframe, that loaded its source from a foreign host (IE8)
Reported by: | klipstein | Owned by: | bill |
---|---|---|---|
Priority: | high | Milestone: | 1.4.2 |
Component: | Dijit | Version: | 1.4.0 |
Keywords: | dijit contentWindow iframe ie8 | Cc: | |
Blocked By: | Blocking: |
Description
There is a security problem (Access denied) within dijit/_base/manager.js, when trying to determine focusable elements within an iframe. The "Access denied" exception is thrown within IE8, if dijit/dijit.js is used on a page that also contains an iframe, that loaded its content from a foreign domain.
Attachments (5)
Change History (11)
Changed 12 years ago by
Attachment: | test_contentwindow.html added |
---|
comment:1 Changed 12 years ago by
Resolution: | → fixed |
---|---|
Status: | new → closed |
comment:2 Changed 12 years ago by
Milestone: | tbd → 1.5 |
---|
Assuming this is just in the main trunk, for 1.5
comment:3 Changed 12 years ago by
Bill, as this seems to be a regression vs. 1.3, as indicated in dupe #10792, is it possible to get this fix ported to the 1.4 branch? We are likely going to wait on a dojo.declare fix for 1.4.2, so we have some time to get this in for 1.4.2.
comment:5 Changed 12 years ago by
comment:6 Changed 12 years ago by
Milestone: | 1.5 → 1.4.2 |
---|
Note: See
TracTickets for help on using
tickets.
A simple testcase for IE8