Stop evaluating script elements moved between Documents during fetching
Do not evaluate scripts or fire error/load events, if <script> elements are moved between Documents during fetching. Script elements can be still moved between Documents, but they won't be executed.
This is to prevent possible security bug, because there have been several bad XSS-related bugs in Chromium due to the code path for executing <script> elements moved between Documents.
Status in Chromium
Enabled by default (tracking bug) in:
- Chrome for desktop release 79
- Chrome for Android release 79
- Android WebView release 79
Consensus & Standardization
Intent to Prototype urlIntent to Prototype thread
Last updated on 2020-08-01