Iframes using srcdoc are blocked and cannot be easily unblocked

[Cubittus]

RPC version 1.0.beta12.4. FF version 51.0b3 (32-bit).

1. Visit example URL : http://www.bbc.co.uk/news/business-38141510
2. Note the blank space midway down the page which should be an iframe containing a stock graph.

RPC blocks this and the log shows the destination url as 'about:srcdoc'.

I added an allow rule:

• src-host = www.bbc.co.uk
• dest-scheme = about
• dest-host = srcdoc

This does not work as it only matches about://srcdoc. RPC adds two slashes to the about scheme which won't match about:srcdoc.

I had to add a rule:

• src-host = www.bbc.co.uk
• dest-scheme = about
• dest-host =

for the iframe to load.

Should RPC handle about:srcdoc internally, as it does for about:blank for iframes?

[myrdd]

You are right, about:srcdoc should be whitelisted!

W3C links:

• https://www.w3.org/TR/2011/WD-html5-20110113/the-iframe-element.html#attr-iframe-srcdoc
• https://www.w3.org/TR/2011/WD-html5-20110113/urls.html#about:srcdoc