Closed Bug 39972 Opened 24 years ago Closed 21 years ago

Images written via Javascript are loaded even if not from the originating server

Categories

(Core :: Graphics: Image Blocking, enhancement, P4)

x86
Linux
enhancement

Tracking

()

RESOLVED WORKSFORME
Future

People

(Reporter: fosterd, Assigned: security-bugs)

References

Details

Attachments

(1 file)

I have my image preferences set to only load images on the same server as the
page. However, if an IMG tag is written via document.write in Javascript,
Mozilla loads the image even if it is on another server. You can see an example
of this at http://freshmeat.net/. I am using 052008.
updating component and owner.
Assignee: asadotzler → morse
Status: UNCONFIRMED → NEW
Component: Browser-General → XPApps
Ever confirmed: true
Good catch -- I didn't think about that case.  I'll put it on my enhancement 
list.
Status: NEW → ASSIGNED
Target Milestone: --- → M20
Sorry for the spam.  New QA Contact for Browser General.  Thanks for your help
Joseph (good luck with the new job) and welcome aboard Doron Rosenberg
QA Contact: jelwell → doronr
Severity: normal → enhancement
Target Milestone: M20 → M30
Changing fictional "M30" to reality
Target Milestone: M30 → Future
*spam* setting defualy xpapps qa contact
QA Contact: doronr → sairuh
h'm, i'm not the qa person for the image stuff...over to Eli. should this remain
in xp apps, or is there a more appropriate component? thx.
QA Contact: sairuh → elig
I so totally don't know what component this belongs in. I defer to Steve Morse, 
who appears to be keeping the bug. 
Summary: Images written via Javascript are loaded even if not from the originating server → [z]Images written via Javascript are loaded even if not from the originating server
Sorry for my ignorance, but what's this [z] thing mean?
Summary: [z]Images written via Javascript are loaded even if not from the originating server → Images written via Javascript are loaded even if not from the originating server
Whiteboard: [z]
QA Contact: elig → sairuh
QA Contact: sairuh → tpreston
nav triage team:

We should look into this one. Marking nsbeta1, p4, mozilla0.9
Keywords: nsbeta1
Priority: P3 → P4
Target Milestone: Future → mozilla0.9.1
After consulting with Steve Morse, since we've minused other image manager bugs,
no sense making this the odd man out. Marking this nsbeta1-
Keywords: nsbeta1nsbeta1-
Target Milestone: mozilla0.9.1 → Future
Whiteboard: [z]
Reassigning to new owner
Assignee: morse → mstoltz
Status: ASSIGNED → NEW
Component: XP Apps → Image Blocking
QA Contact: tpreston → tever
There also seems to be a problem (in 1.3a, anyway) with Javascript being able to
load an image even if the image's server is on the Image Manager block list. 
Yahoo Mail presented an ad to me today with the following code in it, perhaps
explicitly trying to exploit this weakness:

<script language="javascript" src=" http://z1.adserver.com/snip"></script>
<noscript><a href="http://rd.yahoo.com/M=snip*http://z1.adserver.com/snip"
target="_blank">
<img width=728
height=90 src="http://z1.adserver.com/snip" border=0></a></noscript>

FWIW, the snips after z1.adserver.com were virtually (but not completely)
identical.  When the image is served via Javascript, the right-mouse button
isn't available to try to add the server to the block list, either.

HTH,
Dave
QA Contact: tever → nobody
Is this still a problem?  Could someone post a complete testcase showing the bug?
*** Bug 188942 has been marked as a duplicate of this bug. ***
worksforme too. Marking so, but please reopen with testcase if the problem still
exists...
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.