Iframe with sandbox="allow-scripts"

Issue #14268230 • Assigned to Scott W.

Details

Author
Aleksey L.
Created
Oct 17, 2017
Privacy
This issue is public.
Found in
  • Microsoft Edge
Found in build #
15.15063
Reports
Reported by 1 person

Sign in to watch or report this issue.

Steps to reproduce

Once allow-scripts specified, Edge attaches main document’s cookies to all XHR requests despite they (cookies) should not be accessible until allow-same-origin not specified.

Attachments

0 attachments

    Comments and activity

    • Microsoft Edge Team

      Changed Assigned To to “Steven K.”

    • Let me know if you need more info to reproduce the bug

    • Microsoft Edge Team

      Changed Assigned To to “Scott L.”

      Changed Assigned To to “Venkat K.”

      Changed Assigned To from “Venkat K.” to “Scott W.”

    You need to sign in to your Microsoft account to add a comment.

    Sign in