Closed Bug 59603 Opened 24 years ago Closed 24 years ago

link in sidebar panel with target="_top" overwrites chrome

Categories

(SeaMonkey :: Sidebar, defect, P2)

Product:
SeaMonkey
Component:
Sidebar
Platform:
x86
Windows 2000
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED
Milestone:
mozilla0.9.1

People

(Reporter: bugzilla, Assigned: danm.moz)

References

(
URL
)

Details

Attachments

(1 file)

New testcase - sidebar that can overwrite chrome
682 bytes, text/html
Details
Targeting a link in the sidebar to "_top" causes the linked page to take over the whole browser window, replacing all of the XP elements, including the navigation buttons and the sidebar itself. Example page: http://geekissues.org/about.php 1) Go to the page with Mozilla 2) Click on "As a Netscape 6 My Sidebar Item". 3) Go to the GeekIssues.org sidebar, wait for the page to load, and then click on a link. Expected: Page is loaded in the browser's "browsing area". Actual: As described above.
http://developer.netscape.com/docs/manuals/browser/sidebar/index.html#creating Says to use target='_content' to put things in the content window. I do have to agree, though... adding _top should NOT get rid of the UI.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Keywords: evangwanted
Keywords: evangwanted
spam : changing qa to sujay (New Sidebar QA)
QA Contact: shrir → sujay
Is this still happening? I tested this with today's Mozilla build and did not get the results, but maybe the page & sidebar applications were changed? This sounds really, really bad. To me this seems like you could actually replace the whole UI with a spoofed one that you would not be able to tell from the original just by looking at it (load XUL that LOOKS like the normal browser but does something nasty, like stealing your passwords!)
Severity: normal → major
Keywords: nsbeta1, nsdogfood
This bug still exists - and it is a Bad Thing. The URL above will load the attached sidebar. The second link on the sidebar will overwrite the browser chrome. As Heikki said, this could be used to spoof the browser chrome. Let's get this fixed - sidebar should not have access to _top as a target. CCing hyatt.
URL: http://geekissues.org/about.phpjavascript:sidebar.addPanel("Bug 5960...
reassigning. _top should not do this. EEek!
Assignee: matt → danm
Agreed, nsdogfood+. Dan, can this get targetted to m.9 or m.9.1?
Keywords: nsdogfoodnsdogfood+
Status: NEW → ASSIGNED
Target Milestone: --- → mozilla0.9.1
Summary: Targeting a link in the sidebar causes undesired results. → link in sidebar panel with target="_top" overwrites chrome
Priority: P3 → P2
Blocks: 75643
Found it. Sidebar panels which should be sandboxed aren't, and vice versa. So any generic sidebar has chrome privileges to reach out and swat the _top chrome (and sidebars you'd expect to be trusted, don't). Fix: Index: sidebarOverlay.js =================================================================== RCS file: /cvsroot/mozilla/xpfe/components/sidebar/resources/sidebarOverlay.js,v retrieving revision 1.71 diff -u -r1.71 sidebarOverlay.js --- sidebarOverlay.js 2001/05/02 22:41:50 1.71 +++ sidebarOverlay.js 2001/05/15 01:02:37 @@ -367,10 +367,10 @@ if (typeof this.iframe == "undefined") { var content = this.get_content(); if (this.is_sandboxed()) { - var unsandboxed_iframe = content.childNodes.item(1); + var unsandboxed_iframe = content.childNodes.item(2); this.iframe = unsandboxed_iframe; } else { - var sandboxed_iframe = content.childNodes.item(2); + var sandboxed_iframe = content.childNodes.item(1); this.iframe = sandboxed_iframe; } }
r=matt tested and patched my build
.
Status: ASSIGNED → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
Ilya, does this work for you now?
verified in 5/24 build.
Status: RESOLVED → VERIFIED
I'm not sure if this deserves a reopening, so I'll leave that up to more knowledgeable folks. The previous behavior, which was definitely problematic, has been fixed, and no longer happens when using 2001052504 under Win32. However, there are several other issues which I'm not sure are being addressed correctly. 1) Clicking a link targeted to _top causes it to open in the Sidebar frame. While that seems logical, a lot of web designers may (as did I) expect it to instead open in the current browser frame. This probably needs discussion. 2) While testing the bug, I noticed that clicking "Back" in the context menu of the Sidebar actually caused the content area (biggest part of the window) to go back instead of the Sidebar. Does this deserve a separate bug?
Ilya, can you please file separate bugs for this two issues? thanks.
Ilya: 1) If you want to open a page in the browser area, use _content. All we've done here is contain the damage of using _top, which, as the designer of a sidebar, you'll quickly stop using because it's almost certainly not what you wanted. 2) The sidebar's context menu probably shouldn't have a "back" item. Clearly a different bug.
Product: Browser → Seamonkey
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: