Open Bug 209293 Opened 21 years ago Updated 2 years ago

Permission denied to get property HTMLImageElement.src

Categories

(Core :: Security: CAPS, defect)

Product:
Core
Component:
Security: CAPS
Platform:
x86
Windows XP
Type:
defect

Tracking

()

People

(Reporter: jasonb, Assigned: dveditz)

References

(
URL
)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5a) Gecko/20030612
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5a) Gecko/20030612

This seems to be specific to Windows XP, and may or may not be regression.

Two of my reported bugs (bug 144416 and bug 207851) which started of as Tech
Evangelism and were then moved to Security: CAPS, are showing the JavaScript
Console error listed in this bug Summary.

So far, I'm not sure how to produce a reduced testcase for this, nor do I have a
URL that you can go to *specifically* that will do so.  The best I have, at the
moment, is to follow the steps outlined in one of the other bugs.

I'm filing this bug as I strongly suspect that there is a root cause here of
both other bugs.

Reproducible: Always

Steps to Reproduce:
1. Follow the steps to reproduce either bug 144416 or bug 207851 under XP.
There are actually two JavaScript Console messages that keep coming up:

Error: uncaught exception: Permission denied to get property HTMLImageElement.src
Error: uncaught exception: Permission denied to set property HTMLImageElement.src

Although the first one is the one that always comes up at both sites.

I also realised that I see this every time I go to
http://www.theweathernetwork.com/weather/maps/Satrad.htm - so I'm adding that as
the reference URL.

To see the "set" error, go to the site.  To see the "get" error, click on the
Play button.

You can also see the "set" error by going to
http://www.mikebonnell.com/wallpaper.html
Blocks: 144416, 207851
URL: http://www.theweathernetwork.com/weat...
I get this same error in both 1.5 and 1.6 on Mac OS X, "Mozilla/5.0 (Macintosh;
U; PPC Mac OS X Mach-O; en-US; rv:1.6) Gecko/20040113". The URL is:
https://www.taxactonline.com/s_online_tax/introduction/registration.asp

Fill in the form and click the "Submit Registration" link.
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040115
Always reproducible.
Ensuring that Preferences | Advanced | Scripts & Plugins | Allow javascript to:
(change images) has no effect, after toggling/restarting the browser.

A trivial case for the 'set' error:

<html><head><title>Bug</title>
<script language="JavaScript">
<!--
function switchImage() {
	  if ( document.greek.mode.value == "0" )
	{ document.greekimg.src = "gfx/igreek.png";
	  document.greek.mode.value = "1"; 
	} else
	{ document.greekimg.src = "gfx/greek.png";
	  document.greek.mode.value = "0";
	}
}
//-->
</script></head><body>
<form name="greek" action="none">
<table width="600">
<tr><td>
<img name="greekimg" src="gfx/greek.png" height="80" width="600" border="0">
</td>
</tr>
<tr>
<td>
<td align="right" valign="top">
<input type=button value="0" name="mode" onClick="switchImage();">
</td>
</tr>
</table>
</form>
</body>
</html>

Possibly related to bug# 248402 ?: Scripts running in an https context throws
this exception when a call is made to non-https DOM content, even when the
http-host is identical.
Both bugs that I'd marked this bug as blocking now work for me (and I've closed
them) - even though at least one of the sites they referenced (one of them is
currently down as I write this) still produces the JavaScript error.
Assignee: security-bugs → dveditz
QA Contact: carosendahl → caps
Depends on: 434522
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.