diff options
author | Aleksander Machniak <alec@alec.pl> | 2022-08-15 10:58:56 +0300 |
---|---|---|
committer | Aleksander Machniak <alec@alec.pl> | 2022-08-15 10:58:56 +0300 |
commit | 3b16cbf3718089157f6b782b1267a9037d653f28 (patch) | |
tree | 9cf9e7da221273695e56db109333917519d9184c | |
parent | bef70b5b15a915d75345e57ad502f57237aa0d68 (diff) |
Fix bug where "about:blank" page could trigger "load error" (#8554)
Use javascript:false; instead
-rw-r--r-- | CHANGELOG.md | 1 | ||||
-rw-r--r-- | program/include/rcmail_output_html.php | 2 | ||||
-rw-r--r-- | program/js/app.js | 4 |
3 files changed, 4 insertions, 3 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 0f9303ee4..d3179b0d4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,7 @@ - Fix various PHP 8.2 warnings - Fix bug where it wasn't possible to create more than one response record on SQLite and Postgres (#8664) - Fix support for ManageSieve over implicit SSL (#8670) +- Fix bug where "about:blank" page could trigger "load error" (#8554) ## Release 1.6.0 diff --git a/program/include/rcmail_output_html.php b/program/include/rcmail_output_html.php index 6a2fe247d..1408ac61a 100644 --- a/program/include/rcmail_output_html.php +++ b/program/include/rcmail_output_html.php @@ -2182,7 +2182,7 @@ EOF; } $attrib['name'] = $attrib['id']; - $attrib['src'] = !empty($attrib['src']) ? $this->abs_url($attrib['src'], true) : 'about:blank'; + $attrib['src'] = !empty($attrib['src']) ? $this->abs_url($attrib['src'], true) : 'javascript:false;'; // register as 'contentframe' object if ($is_contentframe || !empty($attrib['contentframe'])) { diff --git a/program/js/app.js b/program/js/app.js index fdcc1249f..69d764906 100644 --- a/program/js/app.js +++ b/program/js/app.js @@ -217,7 +217,7 @@ function rcube_webmail() this.task = this.env.task; if (!this.env.blankpage) - this.env.blankpage = 'about:blank'; + this.env.blankpage = 'javascript:false;'; // find all registered gui containers for (n in this.gui_containers) @@ -5121,7 +5121,7 @@ function rcube_webmail() this.get_save_target = function(unlock) { // Removing the frame on load/error to workaround issues with window history - this.dummy_iframe('savetarget', 'about:blank') + this.dummy_iframe('savetarget', 'javascript:false;') .on('load error', function() { // catch invalid/error response from server and unlock the UI (#7494, #7488, #7522) if (unlock && $(this).contents().find('meta[name="generator"][content="Roundcube"]').length == 0) { |