Closed
Bug 371738
Opened 17 years ago
Closed 17 years ago
Web pages can conceal their source code using onunload
Categories
(Firefox :: Security, defect)
RESOLVED DUPLICATE of bug 253497
People
(Reporter: rich, Unassigned)
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.10) Gecko/20070216 Firefox/1.5.0.10
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.10) Gecko/20070216 Firefox/1.5.0.10

Related to the onunload memory corruption issue fixed in 1.5.0.10 there is at least one further bug in this area. A web page can cause the page viewed to have a different understanding of the current location compared to that the view source component is triggered on. The same could apply to other parts of the browser chrome (e.g. ad blockers etc.)

Reproducible: Always

Steps to Reproduce:
1. Put this in a web page, then view it in Firefox.

    <html>
    <body onunload="location = self.location">
    Foo <a href="http://slashdot.org/">http://slashdot.org/</a>
    </body>
    </html>

2. Click on the link which should take you to slashdot and you'll end up back where you were (this has been known about for ages).
3. Now do 'View Source' and you get shown the source code to slashdot rather than the source code for the page you're viewing.

Actual Results:
View source displays the contents of the wrong site

Expected Results:
I'd expect to see the source code for the page I'm viewing.

A web page could trigger the link itself using DOM events (or navigate away using JavaScript form submission) and use this technique to hide the source code of a malicious page from the user. I did a quick check that document.cookie wasn't checking the wrong URL, but I have not checked extensively which other parts of the browser can be spoofed in this fashion.
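A static check for the pattern in the report above, added here as an example and not part of the original bug or of any Mozilla code: it flags unload handlers that write to location, so a reviewer can spot pages that cancel navigation this way without relying on the browser's View Source. The function and class names are assumptions, and the script-level match is a heuristic (an unload hook and a location write in the same script).

```python
import re
from html.parser import HTMLParser

UNLOAD_ATTRS = {"onunload", "onbeforeunload"}  # inline leave-page handlers
# Writes to location (=, .href =, .assign(), .replace(); "==" is excluded),
# and script-side registration of an unload handler.
LOCATION_WRITE = re.compile(r"\blocation\s*(?:\.\s*href\s*)?=(?!=)"
                            r"|\blocation\s*\.\s*(?:assign|replace)\s*\(")
UNLOAD_HOOK = re.compile(r"\bon(?:before)?unload\s*=(?!=)"
                         r"|addEventListener\s*\(\s*['\"](?:before)?unload['\"]")
# The markup from the report above, used as sample input.
REPORTED_PAGE = """<html>
<body onunload="location = self.location">
Foo <a href="http://slashdot.org/">http://slashdot.org/</a>
</body>
</html>"""


class UnloadRedirectFinder(HTMLParser):
    """Collects (line, tag, reason) for unload handlers that write to location."""
    def __init__(self):
        super().__init__()
        self.findings = []
        self._script = None  # [start_line, text] while inside <script>

    def handle_starttag(self, tag, attrs):
        line = self.getpos()[0]
        for name, value in attrs:
            if name in UNLOAD_ATTRS and value and LOCATION_WRITE.search(value):
                self.findings.append((line, tag, name + " writes to location"))
        if tag == "script":
            self._script = [line, ""]

    def handle_data(self, data):
        if self._script is not None:
            self._script[1] += data

    def handle_endtag(self, tag):
        if tag == "script" and self._script is not None:
            line, code = self._script
            if UNLOAD_HOOK.search(code) and LOCATION_WRITE.search(code):
                self.findings.append((line, tag, "script hooks unload and writes to location"))
            self._script = None


def find_unload_redirects(html):
    finder = UnloadRedirectFinder()
    finder.feed(html)
    finder.close()
    return finder.findings
```

Calling find_unload_redirects(REPORTED_PAGE) reports the body tag on line 2; a handler that only compares location or calls an unrelated function is not reported.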
Updated•17 years ago
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE
Reporter
Comment 2•17 years ago
Hmm, so this is a security issue and has been hanging around since 2004? Not exactly impressive.
Updated•17 years ago
Group: security