Closed
Bug 248870
Opened 20 years ago
Closed 20 years ago
When javascript loaded in an IFRAME calls self.resizeTo the whole window is resized.
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: psyon, Unassigned)
References
()
Details
(Keywords: fixed-aviary1.0, fixed1.7.5)
Attachments
(1 file)
6.38 KB,
patch
|
peterv
:
review+
peterv
:
superreview+
roc
:
approval1.7.5+
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7) Gecko/20040616 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7) Gecko/20040616 http://www.psyon.org/iframe.html contains an IFRAME that loads http://www.forbiddenweb.org/iframe.html On forbiddenweb there is javascript to resize the document to 600x100 (self.resizeTo(600x100)). When loaded in the IFRAME from psyon.org, the whole window is still resized. I view this as 2 errors actually. 1.) The self object is resizeing the top level document window. 2.) Its in a sense cross site scripting The issue has been tested in mozilla 1.7 and Firefox 0.9, both on windows platforms. Reproducible: Always Steps to Reproduce: 1. Visit http://www.psyon.org/iframe.html Actual Results: The Top level window is resized to 600x100 Expected Results: My personal view would be that self.resizeTo() should be ignored if a document is loaded inside an IFrame. In IE (not that people care) just the IFrame itself is resized. I dont view that as acceptable either. That could lead to advertisers and other such pages opened in iframe to exploit the function and take over a page by resizing the IFrame to the full width and height. The sample url above should provide all the information needed.
Comment 1•20 years ago
|
||
We should probably do what IE does. Netscape 4.x and earlier had no IFRAME support, but did introduce resize* methods. /be
Assignee: general → general
Status: UNCONFIRMED → NEW
Component: JavaScript Engine → DOM: Level 0
Ever confirmed: true
Comment 2•20 years ago
|
||
We already prevent changing the window size on an [i]frame using window.innerWidth/innerHeight, we should do the same thing for outerWidth/outerHeight, and resize*. Trivial change, anyone got the cycles?
Reporter | ||
Updated•20 years ago
|
Comment 3•20 years ago
|
||
Updated•20 years ago
|
Attachment #152171 -
Flags: superreview?(peterv)
Attachment #152171 -
Flags: review?(peterv)
Updated•20 years ago
|
Attachment #152171 -
Flags: superreview?(peterv)
Attachment #152171 -
Flags: superreview+
Attachment #152171 -
Flags: review?(peterv)
Attachment #152171 -
Flags: review+
Comment 4•20 years ago
|
||
Fixed on trunk and branch.
Reporter | ||
Comment 5•20 years ago
|
||
I am removing my sample URLs
Comment 6•20 years ago
|
||
This caused regression bug 250771.
Comment on attachment 152171 [details] [diff] [review] Fix jst: should the pair of fixes be committed to the 1.7 branch?
Attachment #152171 -
Flags: approval1.7.2?
Yes! we don't want Aviary Gecko to diverge from the 1.7 branch. In fact it probably should have gone into 1.7 branch first and then into Aviary.
Comment 9•20 years ago
|
||
This caused a crash regression - are we sure we want it on 1.7? Do aviary folk know of the crash regression?
Comment 10•20 years ago
|
||
*** Bug 259447 has been marked as a duplicate of this bug. ***
Comment 11•20 years ago
|
||
*** Bug 259941 has been marked as a duplicate of this bug. ***
Comment on attachment 152171 [details] [diff] [review] Fix jst, can you please put this on the 1.7 branch?
Attachment #152171 -
Flags: approval1.7.x? → approval1.7.x+
You need to log in
before you can comment on or make changes to this bug.
Description
•