search

gorhill / httpswitchboard

Point & click to forbid/allow any class of requests made by your browser. Use it to block scripts, iframes, ads, facebook, etc.
GNU General Public License v3.0
1.33k stars 83 forks source link

Frames not working as expected #386

Open hrj opened 9 years ago

hrj commented 9 years ago

On this website: https://ant.apache.org/manual/index.html

I have enabled "frames" in the matrix. But am not able to actually view the documents in the right-side frame, after clicking on the links in the left-side frame.

Note, you need to click to the second level of the table-of-contents in order to update the right-side frame.

The message shown in the console is:

Unsafe JavaScript attempt to initiate navigation for frame with URL 'https://ant.apache.org/manual/cover.html' from frame with URL 'https://ant.apache.org/manual/installlist.html'. The frame attempting navigation is sandboxed, and is therefore disallowed from navigating its ancestors.

httpsb version: 1.0.0.4

gorhill commented 9 years ago

Do you have script blocked for that site?

hrj commented 9 years ago

Ah! I did have it blocked (by default).

Enabling JS + refreshing page got it working! (Before reporting the bug, I had tried enabling JS without refreshing. The matrix didn't show any entry for scripts, hence I didn't give it much thought.)

So the bug here seems to be that script attempt is not reported in the matrix?

gorhill commented 9 years ago

There is no script. It's the sandbox directive injected into the frame, it blocks everything except two specific things. It's difficult to tune, and it looks like I will have to allow something navigation to not cause the breakage you experienced. What's scares me by adding these permissions is to interfere with existing ones set by the site. I will have to read all about this (huge doc) carefully.