Closed Bug 337260 Opened 18 years ago Closed 18 years ago

[FIX]img in data URL stops working on reload

Categories

(Core :: Networking, defect, P1)

x86
Linux
defect

Tracking

RESOLVED FIXED
mozilla1.9alpha1

People

(Reporter: dbaron, Assigned: bzbarsky)

Attachments

(1 file)

Images in data URLs don't seem to work correctly on reload; this seems to be a recent regression, although I haven't tested carefully.

Steps to reproduce:
 1. load
data:text/html;charset=utf-8,%3C!DOCTYPE%20HTML%3E%0D%0A%3Cstyle%3E%20img%20%7B%20text-decoration%3A%20underline%3B%20%7D%20%3C%2Fstyle%3E%0D%0A%3Cp%3E%3Cspan%3E%20Text%20%3Cimg%20src%3D%22http%3A%2F%2Fhixie.ch%2Fresources%2Fimages%2Fsmallcats%22%20alt%3D%22%22%3E%20%3C%2Fspan%3E%3C%2Fp%3E
 2. hit reload

Actual results: 
 1. shows image
 2. doesn't show image

Expected results:
 1. shows image
 2. shows image

Seems similar to bug 336969.

Depends on: 336969

Yep, I see a bunch of

Security Error: Content at moz-nullprincipal:{a26314cf-53e2-4db3-908b-514e119c7970} may not load or link to http://hixie.ch/resources/images/smallcats.

on the JS console.
Also note that you end up with the same case when the URL is loaded from a redirect; it seems the real problem here is also that we're preventing the null principal from loading HTTP images, on which there were previously (I thought) no restrictions.

But we might want to make sure data URLs have the right principal when they're redirected to as well; probably this should be split into 3 bugs...

So there are three sorta-separate issues here:

1)  Redirected data: URLs have the null principal on purpose; otherwise you get
    XSS attack vectors.
2)  data: URLs should be able to load HTTP images, probably.  Need to decide
    whether this is true for all null principals, but I suspect that it is.
3)  Reloading a data: URL should not change its principal (it seems to right
    now).

I'll probably focus on #3 in this bug, and #2 in bug 336969.

So there are two issues here:

1)  Null principal can't load http:.  I'm probably going to change this.
2)  Reload loses the subject principal.  That's bad.  That looks like a
    regression from bug 292691.

Note to self: test the fix against bug 291745 and bug 292691
Blocks: 336969
No longer depends on: 336969
Blocks: 334407

Attached patch: Proposed fix
This fix has two parts to it:

1)  Allow null principals to load random things that anyone can load.  Fixes the visual symptoms and bug 336969.
2)  Make sure to not lose the principal when doing a reload of something that inherits its principal by storing said principal in the SHEntry.
Assignee: nobody → bzbarsky
Status: NEW → ASSIGNED
Attachment #221851 - Flags: superreview?(jst)
Attachment #221851 - Flags: review?(dveditz)
Priority: -- → P1
Summary: img in data URL stops working on reload → [FIX]img in data URL stops working on reload
Target Milestone: --- → mozilla1.9alpha
Comment on attachment 221851
Proposed fix

sr=jst
Attachment #221851 - Flags: superreview?(jst) → superreview+
Comment on attachment 221851
Proposed fix

r=dveditz
Attachment #221851 - Flags: review?(dveditz) → review+
Fixed.
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
No longer depends on: 342108
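
The two parts of the fix described in the "Proposed fix" comment, as a toy model added here; it is not part of the bug thread and not Mozilla's code. Every name in it (`DocShell`, `mayLoad`, `storeOwnerInEntry`, `allowNullPublicLoads`, the set of publicly loadable schemes, the sample URLs) is hypothetical, and it assumes the first load inherited an ordinary origin-bound principal from the page that started it.

```javascript
// Toy model of the two-part fix. All names are hypothetical; this is not Gecko code.
let nextId = 0;
const nullPrincipal = () => ({ kind: "null", id: ++nextId }); // unique per creation
const codebasePrincipal = (origin) => ({ kind: "codebase", origin });

// Assumption: schemes that any content is allowed to load or link to.
const LOADABLE_BY_ANYONE = new Set(["http:", "https:"]);
const IMG = "http://images.example/cat.png"; // constructed sample URL, never fetched

// Part 1: with allowNullPublicLoads, a null principal may load what anyone may load.
function mayLoad(principal, targetUrl, fixes) {
  const target = new URL(targetUrl);
  const isPublic = LOADABLE_BY_ANYONE.has(target.protocol);
  if (principal.kind === "codebase") return isPublic || target.origin === principal.origin;
  return fixes.allowNullPublicLoads && isPublic;
}

class DocShell {
  constructor(fixes) { this.fixes = fixes; this.entry = null; this.principal = null; }
  // A data: document inherits its principal from whoever started the load (owner).
  load(url, owner) {
    this.entry = { url, owner: null }; // session history entry
    if (this.fixes.storeOwnerInEntry) this.entry.owner = owner; // part 2
    this.principal = owner;
    return this.principal;
  }
  // Reload only has the history entry to go on; with no stored owner the
  // inheriting document ends up with a fresh null principal.
  reload() {
    this.principal = this.entry.owner ?? nullPrincipal();
    return this.principal;
  }
  canShowImage(imgUrl) { return mayLoad(this.principal, imgUrl, this.fixes); }
}

function scenario(fixes) {
  const shell = new DocShell(fixes);
  const first = shell.load("data:text/html,<img src=...>", codebasePrincipal("https://loader.example"));
  const firstLoad = shell.canShowImage(IMG);
  const second = shell.reload();
  return { firstLoad, afterReload: shell.canShowImage(IMG), samePrincipal: first === second };
}

for (const fixes of [
  { allowNullPublicLoads: false, storeOwnerInEntry: false }, // behaviour reported in the bug
  { allowNullPublicLoads: true, storeOwnerInEntry: false },  // part 1 only
  { allowNullPublicLoads: true, storeOwnerInEntry: true },   // both parts
]) console.log(JSON.stringify(fixes), JSON.stringify(scenario(fixes)));
```

In this model part 1 alone makes the image reappear after reload while the document still changes principal; keeping the owner in the history entry is what holds the principal stable.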