Open jimmywarting opened 7 years ago
Think it would be useful to flag this. In fact safari has several issues with blob in sandboxed iframe (<iframe sandbox="allow-scritps">) You can't create a ObjectURL and use it on a element. eg:
<iframe sandbox="allow-scritps">
script = document.createElement('script') script.src = URL.createObjectURL( new Blob(["alert('Wello world')"]) ) document.body.appendChild(script)
(same goes for making image, iframes, css links element and everything else)
Reading something you have created yourself won't work
blob = new Blob(["abc"]) fr = new FileReader() fr.readAsText(blob)
stuff you are fetching with fetch res.blob() and xhr's responseType = blob can't be read
res.blob()
responseType = blob
BTW, this only applies to secure (https) pages
I created a fiddle to demonstrate it: https://jsfiddle.net/bgh27rre/1/
Think it would be useful to flag this. In fact safari has several issues with blob in sandboxed iframe (
<iframe sandbox="allow-scritps">
) You can't create a ObjectURL and use it on a element. eg:(same goes for making image, iframes, css links element and everything else)
Reading something you have created yourself won't work
stuff you are fetching with fetch
res.blob()
and xhr'sresponseType = blob
can't be readBTW, this only applies to secure (https) pages