Should navigables created and navigated via WebDriver BiDi commands be counted as script-closable?

[OrKoN]

Currently, the spec says that after a navigable is created and navigated to a URL, the page can close the navigable by calling window.close because the history size is 1. (https://html.spec.whatwg.org/#script-closable, https://html.spec.whatwg.org/#the-navigation-must-be-a-replace).

Should we keep this behavior or should we ensure that pages cannot interfere with the automation (more closely following how the user opening a tab using the browser ui would handled handled)? I suspect we want to keep the current behavior but filing an issue in case there are different opinions.

[whimboo]

From my point of view we should stay as close as possible to the experience of a normal user. That means that we should not change the default behavior as given by the web browser. It would add scenarios that cannot be tested - or would require workarounds in the test but then the test might not test the user facing behavior anymore.

I vote to keep the current behavior.

[OrKoN]

stay as close as possible to the experience of a normal user
I vote to keep the current behavior.

but the current behavior is not what the normal user would experience because new tabs do not open about:blank in the first place for normal users. Only window.open has this behavior.

[jgraham]

I'm not sure I understand in which circumstances the history size can be 1, but if I create a new tab and navigate to data:text/html;charset=utf-8,%3C!DOCTYPE%20html%3E%0A%3Cscript%3E%0Aalert(history.length)%0Awindow.close()%0A%3C%2Fscript%3E, history.size is 2 and the window.close() fails.

In any case, browsingContext.create should create a browsing context that is not script closable.

[OrKoN]

The size is 1, if the initial URL is about:blank https://html.spec.whatwg.org/#the-navigation-must-be-a-replace

[jgraham]

But what's the case where you can:

• Open a new browsing context with about:blank
• Have that browsing context not be an auxillary browsing context (so no other browsing context has a handle to it)
• Execute script in it to run window.close()

In the case where you run window.open("about:blank") it seems to me that you fall under the "is an auxillary browsing context" clause, so window.size doesn't matter. And if you window.open("about:blank", "noopener") then I don't immediately see how anything (except WebDriver, or something else outside the platform) could cause script to run.

Anyway if the question is "if you browsingContext.create() a window and then without navigating it inject some script that runs window.close(), should it close" I think the answer ought to be "no", but the spec answer looks like it might be "yes". It also seems like something of an edge case, since there's already a way for webdriver to close any window. But maybe this ends up being important if clients are (ab)using document.open and document.write to inject content into newly opened windows?

[whimboo]

@jgraham you are seeing this behavior because your default URL of a new tab is about:newtab in Firefox. You will have to switch to about:blank to get the mentioned behavior.

[jgraham]

In fact, in Firefox, if I switch the new tab page to about:blank it reports history.size as 2, but the script can close the page.

If history.size was different for a new tab according to browser configuration that would seem like a clear privacy leak. It might still be a privacy leak if you can close the page in one case but not another.

In any case I don't really understand what use case the HTML spec is serving here (surely allowing pages to close themselves iff they are the first page loaded in a tab where the new tab page was set to about:blank isn't a use case), but I don't think it matters to what we want the behaviour to be for WebDriver.