Stop evaluating script elements moved between Documents during fetching

Do not evaluate scripts or fire error/load events, if <script> elements are moved between Documents during fetching. Script elements can be still moved between Documents, but they won't be executed.

This is to prevent possible security bug, because there have been several bad XSS-related bugs in Chromium due to the code path for executing <script> elements moved between Documents.

Documentation

Specification

Public discussion

Status in Chromium

Blink>HTML>Script


In development (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

Owners

Intent to Implement url

Intent to Implement thread

Last updated on 2019-10-09