Skip to content

/ angular.js Public

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Calling history.replaceState in data URI of an iframe causes error in Firefox and Edge #16900

Open
1 of 4 tasks
dikow opened this issue Sep 5, 2019 · 2 comments
Open
1 of 4 tasks

Calling history.replaceState in data URI of an iframe causes error in Firefox and Edge #16900

dikow opened this issue Sep 5, 2019 · 2 comments

Comments

@dikow
Copy link

@dikow dikow commented Sep 5, 2019

I'm submitting a ...

  • regression from 1.7.0
  • security issue
  • issue caused by a new browser version
  • other

Current behavior:
When I use AngularJS 1.7.8 + ng-table 3.0.1 in an iframe that was loaded via data URI, I get errors in Firefox (NS_ERROR_FAILURE) and Edge (SecurityError). This is caused by calling history.replaceState in line 6630 of angular.js.

Expected / new behavior:
You should only execute history.replaceState if the script is not loaded within a data URI:

if (!document.URL.startsWith('data:text/html')) {
    history[replace ? 'replaceState' : 'pushState'](state, '', url);
}

Minimal reproduction of the problem with instructions:
You can verify the different browser behavior with this demo:
https://jsfiddle.net/2rtq8ezx/

AngularJS version: 1.7.8
Browser: Firefox 69, Edge 44

Anything else:
This is an example of the error in Firefox:

filename: "https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js"
lineNumber: 6630
name: "NS_ERROR_FAILURE"
result: 2147500037
stack:
Browser/self.url@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:6630:56
$LocationProvider/this.$get<@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:15310:16
invoke@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:5141:19
createInjector/protoInstanceInjector<@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:4930:37
getService@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:5084:32
injectionArgs@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:5109:58
invoke@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:5133:18
createInjector/protoInstanceInjector<@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:4930:37
getService@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:5084:32
injectionArgs@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:5109:58
invoke@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:5133:18
registerDirective/</<@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:8778:43
forEach@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:387:20
registerDirective/<@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:8776:13
invoke@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:5141:19
enforcedReturnValue@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:4976:37
invoke@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:5141:19
createInjector/protoInstanceInjector<@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:4930:37
getService@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:5084:32
addDirective@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:10751:52
collectDirectives@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:9980:15
compileNodes@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:9751:22
compile@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:9636:15
NgTableController</NgTableController.prototype.compileDirectiveTemplates@https://unpkg.com/ng-table@3.0.1/bundles/ng-table.js:1441:22
compile/<@https://unpkg.com/ng-table@3.0.1/bundles/ng-table.js:1123:28
bind/<@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:1388:18
invokeLinkFn@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:11266:9
nodeLinkFn@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:10585:11
compositeLinkFn@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:9832:13
nodeLinkFn@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:10579:11
compositeLinkFn@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:9832:13
nodeLinkFn@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:10579:11
compositeLinkFn@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:9832:13
compositeLinkFn@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:9835:13
compositeLinkFn@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:9835:13
nodeLinkFn@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:10579:11
compositeLinkFn@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:9832:13
nodeLinkFn@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:10579:11
compositeLinkFn@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:9832:13
compositeLinkFn@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:9835:13
compositeLinkFn@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:9835:13
publicLinkFn@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:9697:30
bootstrapApply/<@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:1965:27
$eval@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:19393:28
$apply@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:19492:25
bootstrapApply@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:1963:15
invoke@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:5141:19
doBootstrap@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:1961:14
bootstrap@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:1981:12
angularInit@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:1866:5
@https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.7.8/angular.js:36430:5
i@https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js:2:27449
fireWith@https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js:2:28213
ready@https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js:2:30006
K@https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js:2:30368
@Sayan-dev
Copy link

@Sayan-dev Sayan-dev commented Oct 14, 2019

If this issue is still required to be solved I can work on it

@gkalpak
Copy link
Member

@gkalpak gkalpak commented Oct 14, 2019

Thx for stepping up, @Sayan-dev 👍
AngularJS (1.x) is in LTS mode, so I am afraid we are no longer accepting changes that are not critical bug fixes into this project. (See https://blog.angular.io/stable-angularjs-and-long-term-support-7e077635ee9c for more details.)

If you are looking to contribute to an OSS project, you are more than welcome to come over to the Angular (2+) repo and look for issues with the "hotlist: community help" label: https://github.com/angular/angular/labels/hotlist%3A%20community-help

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants
@dikow @gkalpak @Sayan-dev