I noticed that my Javascript bookmarklet was failing on certain sites like Google Reader and Google search results pages (and randomly on some non-Google sites). Looking at the console, I could see that, for these pages, clicking the bookmarklet did not append elements to the head/body like it normally did, but created a new document that looked like this:
<html>
<head></head>
<body></body>
</html>
Even when I reduced my bookmarklet to javascript:alert(window.location.href); it would create this blank page and run the bookmarklet therein, so that the alert showed about:blank. On most sites, this blank page is not created and the correct location is shown.
Can someone explain this? Are these sites sandboxing externally run code as a safety measure?
UPDATE: I currently can't reproduce this on browsers other than Chrome 17.0.932.0 dev. Please let me know if anyone else can reproduce these results on Chrome or otherwise.
I think this is a bug in Google Chrome, I've filed it to their bug database: https://bugs.webkit.org/show_bug.cgi?id=72606