Closed Bug 151491 Opened 22 years ago Closed 22 years ago

local file:// links are opened on middle-click

Categories

(Core :: Security: CAPS, defect)

x86
Linux
defect
Not set
normal

Tracking

()

RESOLVED DUPLICATE of bug 148418

People

(Reporter: marggraf, Assigned: dougt)

References

()

Details

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.1a) Gecko/20020610
BuildID:    2002061108

When middle-clicking on a local file:// link, this link is opened into a new
tab/window (as I described in the (correctly) closed bug #151253).

According to bug #84128, opening local file:// links is disabled due to security
concerns. All other methods of opening such a link are disabled, but this one
seems to be still working well. This behaviour might thus be considered as a
security hole.

Even if not for security reasons, middle-clicking on file:// links should be
disabled as well, for reasons of consistency.

Reproducible: Always
Steps to Reproduce:
1. middle-click on a local file:// link



Actual Results:  The local file will be displayed in a new tab/window.

Expected Results:  Noting should happen (as discussed in bug #84128).
related: bug 148418

*** This bug has been marked as a duplicate of 148418 ***
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
Component: Networking: File → Security: CAPS
QA Contact: benc → bsharma
You need to log in before you can comment on or make changes to this bug.