Closed Bug 138672 Opened 22 years ago Closed 22 years ago

Reading XML files cross-host with XSLT

Categories

(Core :: Security, defect, P1)

Product:
Core
Component:
Security
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 113351
Milestone:
mozilla1.0

People

(Reporter: security-bugs, Assigned: peterv)

References

Details

(Whiteboard: [ADT2 RTM])

Attachments

(2 files)

Demo - xml4.xml
190 bytes, text/plain
Details
test2.xsl
610 bytes, text/plain
Details 
Check attached file xml4.xml and test2.xls - in it change 127.0.0.3 with 
the address of the web server. xml4.xml demonstrate 2 ways to read xml - 
directly and with HTTP redirect - re.pl is a cgi-bin which redirects to 
the query string.

With the growing importance of xml I believe xml should be subject to the
same origin policy the same way as html is.
Attached file Demo - xml4.xml 

    
    

    
  

      
      
      
      

        Attached file
          
        test2.xsl
      

    


  
Keywords: nsbeta1+
Whiteboard: [ADT2 RTM]

    
    

    
  
I'll take this.
Assignee: mstoltz → peterv

    
  
Status: NEW → ASSIGNED
Priority: -- → P1
Target Milestone: --- → mozilla1.0

    
    

    
  
*** Bug 145353 has been marked as a duplicate of this bug. ***

    
    

    
  

*** This bug has been marked as a duplicate of 113351 ***
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE

    
    

    
  
While the xml bugs are fixed in Mozilla 1.0, they are not fixed in the trunk
(nightlies). Someone please check the fixes in the trunk.
Group: security?

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: