To reproduce, load one.html and click the button.  Soon you'll see two.html's URL displayed in the address bar even though one.html is the foreground tab.

I don't know kind of spoofing can be done (if any) using this bug when the two pages do not cooperate.

Tested with a Mac trunk Firefox nightly from 2006-05-25.

chris hofmann

Comment 4

•

17 years ago

bug 339918 is fixed now. are the security risks in this one now sealed off?

pvnick or jesse. can you retest and get nominations on this bug if it is still a problem on trunk or 1.9?

Jesse Ruderman

Reporter

Comment 5

•

16 years ago

URL confusion WFM, Mac trunk debug.  I had to move my address bar to the left so the alert() sheet wouldn't cover it.

Cross-domain, this isn't allowed:

"Error: Permission denied for <https://bugzilla.mozilla.org> to get property Window.alert from <https://test1.bugzilla.mozilla.org>.
Source File: https://bugzilla.mozilla.org/attachment.cgi?id=224031
Line: 2"

When the pages are same-domain, they can cause each other to alert() anyway.

Group: core-security

Status: NEW → RESOLVED

Closed: 16 years ago

Resolution: --- → WORKSFORME

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Alert in one tab while another tab loads can cause wrong URL to be displayed in address bar

Categories

(Firefox :: Security, defect)

Tracking

()

People

(Reporter: jruderman, Unassigned)

References

Details

(Keywords: testcase)

Crash Data

Security

(public)

User Story

Attachments

(2 files)

Description

Comment 1

Comment 2

Comment 3

Comment 4

Comment 5

Attachment

General

Description

File Name

Content Type