[Problem/Bug]: Page loaded after calling window.stop() #4808

Open
szanto90balazs opened this issue Sep 12, 2024 · 2 comments
szanto90balazs commented Sep 12, 2024

What happened?

We have a test page for verifying address bar spoofing is not possible in our application, and we started observing a new window loading behavior starting with WebView2 runtime v130 (tested on 130.0.2832.0).

When we open a new window, set its location to a valid URL and immediately call window.stop(), the page still gets loaded.

        function run() {
            let win = open("about:blank");
            // Write look-alike content into the blank popup.
            win.document.write("<title>DuckDuckGo - Privacy, Simplified.</title>Not DDG.");
            setTimeout(() => {
                // Start a navigation, then cancel it immediately.
                win.location = "https://duckduckgo.com/";
                win.window.stop();
            }, 500);
        }

Seems like this only happens when event listener(s) are attached to CoreWebView2.NewWindowRequested, but it's necessary for us to be able to customize the new window as well.

The issue can be reproduced with the WebView2WpfBrowser sample app if it's using WebView2 runtime v130+ (I used 130.0.2832.0). See recording

WebView2WpfBrowser_v130_reproducible.mp4

The issue cannot be reproduced with the sample app for WebView2 runtime v128 and v129.

The complete code, copied from https://privacy-test-pages.site/security/address-bar-spoofing/spoof-about-blank-rewrite.html:

<!DOCTYPE html>
<html>

<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width">
    <title>About:Blank Rewrite Spoof</title>
    <script>
        // eslint-disable-next-line no-unused-vars
        function run() {
            let win = open("about:blank");
            win.document.write("<title>DuckDuckGo - Privacy, Simplified.</title>Not DDG.");
            setTimeout(() => {
                win.location = "https://duckduckgo.com/";
                win.window.stop();
            }, 500);
        }
    </script>
</head>

<body>
    <p><a href="./index.html">[Back]</a></p>
    This test will try to confuse the browser to show the wrong domain in the URL bar by opening an about:blank page,
    rewriting the content, starting a navigation elsewhere and quickly stopping the
    navigation using window.stop().
    <button id="run" onclick="run()">Start</button>
</body>

</html>

Importance

Important. My app's user experience is significantly compromised.

Runtime Channel

Prerelease (Edge Canary/Dev/Beta)

Runtime Version

130.0.2832.0

SDK Version

No response

Framework

WPF

Operating System

Windows 10, Windows 11

OS Version

No response

Repro steps

  1. Check out https://github.com/MicrosoftEdge/WebView2Samples/tree/main/SampleApps/WebView2WpfBrowser
  2. Set up such that it uses the canary runtime (130.0.2832.0)
  3. Compile and start the sample application
  4. Go to https://privacy-test-pages.site/security/address-bar-spoofing/spoof-about-blank-rewrite.html
  5. Click on the button with label "Start"
  6. New window should be opened

Expectation: no page should be loaded, just about:blank

Repros in Edge Browser

No, issue does not reproduce in the corresponding Edge version

Regression

Regression in newer Runtime

Last working version (if regression)

Runtime 129.0.2792.31

AB#53858698

@szanto90balazs szanto90balazs added the bug Something isn't working label Sep 12, 2024
@github-actions github-actions bot added the regression Something used to work but doesn't anymore label Sep 12, 2024
@vbryh-msft vbryh-msft added the tracked We are tracking this work internally. label Sep 12, 2024
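
An automated pass/fail probe for the behaviour reported above, as an added example that is not part of the original issue or of the test page. It relies on the fact that reading `location.href` of a popup throws `SecurityError` once a cross-origin document has committed; `popupState`, `watchPopup` and `fakePopup` are hypothetical names, and the fake window is constructed so the logic also runs outside a browser.

```javascript
// Added example; popupState, watchPopup and fakePopup are hypothetical names.

// Classify a popup from the opener's side. `win` is the object open() returned.
function popupState(win) {
    if (!win || win.closed) return "closed";
    try {
        // Readable only while the popup is same-origin with the opener, which
        // holds for the about:blank document the test wrote into.
        const href = win.location.href;
        return href === "about:blank" ? "blank" : "same-origin:" + href;
    } catch (err) {
        // A cross-origin Location throws SecurityError on read: the
        // navigation committed even though stop() was called.
        if (err && err.name === "SecurityError") return "cross-origin";
        throw err;
    }
}

// Poll the popup; resolve with the first non-"blank" state, or "blank" if it
// stayed blank for the whole window (the expected result in the issue).
function watchPopup(win, { timeoutMs = 3000, intervalMs = 100 } = {}) {
    return new Promise((resolve, reject) => {
        const deadline = Date.now() + timeoutMs;
        const tick = () => {
            let state;
            try { state = popupState(win); } catch (e) { reject(e); return; }
            if (state !== "blank" || Date.now() >= deadline) resolve(state);
            else setTimeout(tick, intervalMs);
        };
        tick();
    });
}

// Constructed stand-in for a popup so the logic runs outside a browser:
// reads succeed `blankReads` times, then behave like a cross-origin window.
function fakePopup(blankReads) {
    let reads = 0;
    return {
        closed: false,
        location: {
            get href() {
                if (reads++ < blankReads) return "about:blank";
                const err = new Error("Blocked a frame from accessing a cross-origin frame.");
                err.name = "SecurityError";
                throw err;
            },
        },
    };
}
```

In the test page this would be called as `watchPopup(win)` right after `win.window.stop()`, with `"blank"` as the passing result. It reports what the popup committed, not what the host application's address bar displays, so the host UI still needs its own check.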
JosephJin0815 (Contributor) commented

Hi @szanto90balazs, thanks for reporting this bug. We will investigate and report back.

@JosephJin0815 JosephJin0815 self-assigned this Sep 18, 2024
JosephJin0815 (Contributor) commented

A fix has been made; it will be in Edge Runtime version >= 130.0.2842.0, to be released in about a week.
