Closed Bug 437045 Opened 17 years ago Closed 17 years ago

Firefox allows href and src to localhost from websites without warning

Categories

(Toolkit :: Safe Browsing, defect)

defect
Not set
critical

Tracking

RESOLVED DUPLICATE of bug 354493

People

(Reporter: jesper, Unassigned)

Details

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9) Gecko/2008052909 Firefox/3.0
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9) Gecko/2008052909 Firefox/3.0

Firefox is allowing users to be directed directly to URLs like http://localhost/deletestuff.php

Script src locations may also be localhost:

127.0.0.1 - - [03/Jun/2008:12:21:15 +0000] "GET /IamdeletingYou.php HTTP/1.1" 404 0 "http://www.staunhansen.dk/files/nonwww/testjs.html" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9) Gecko/2008052909 Firefox/3.0"
127.0.0.1 - - [03/Jun/2008:12:21:15 +0000] "GET /IamdeletingYou.php HTTP/1.1" 404 0 "http://www.staunhansen.dk/files/nonwww/testjs.html" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9) Gecko/2008052909 Firefox/3.0"
127.0.0.1 - - [03/Jun/2008:12:21:15 +0000] "GET /?query=drop%20database HTTP/1.1" 200 45 "http://www.staunhansen.dk/files/nonwww/testjs.html" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9) Gecko/2008052909 Firefox/3.0"

An obscure website may try a lot of script src locations to find any error on the localhost to damage the user, in an attempt to destroy things like bugged installations of CMSs.

Reproducible: Always

Steps to Reproduce:
1. Visit website with script or href location to localhost
2. Firefox fetches data from the localhost

Actual Results:
See steps to reproduce

Expected Results:
Firefox blocks the attempts and on <a href="*://localhost/..."> the user should be warned.
The bug may be present in other browsers of the Mozilla family as well.
Group: security
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE
Product: Firefox → Toolkit
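
A defender-side check for the pattern visible in the access log lines of the report, added here as an example (it is not part of the bug report or of Mozilla's code): it scans Apache combined-format log lines for requests that came from a loopback client but carry a Referer pointing at a non-local site. The function names and the sample log lines are assumptions constructed for this example.

```python
import re
from ipaddress import ip_address
from urllib.parse import urlsplit

# Apache/NCSA "combined" log format, the format of the lines in the report.
LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

def is_loopback_host(host):
    """True for localhost names and loopback IP literals (127.0.0.0/8, ::1)."""
    host = (host or "").rstrip(".").lower()
    if host == "localhost" or host.endswith(".localhost"):
        return True
    try:
        return ip_address(host).is_loopback
    except ValueError:  # not an IP literal (or empty), so not loopback
        return False

def cross_site_loopback_hits(lines):
    """Return (target, status, referer_host) for loopback requests referred by a non-local site."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or not is_loopback_host(m["client"]):
            continue
        try:
            ref_host = urlsplit(m["referer"]).hostname
        except ValueError:  # malformed Referer value
            continue
        if ref_host and not is_loopback_host(ref_host):
            hits.append((m["target"], m["status"], ref_host))
    return hits

# Constructed sample lines (not taken from the report).
SAMPLE = [
    '127.0.0.1 - - [01/Jan/2024:10:00:00 +0000] "GET /admin/delete.php?id=1 HTTP/1.1" 404 0 "http://site.example/page.html" "UA"',
    '127.0.0.1 - - [01/Jan/2024:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 512 "http://localhost/" "UA"',
    '127.0.0.1 - - [01/Jan/2024:10:00:02 +0000] "GET /favicon.ico HTTP/1.1" 200 90 "-" "UA"',
    '::1 - - [01/Jan/2024:10:00:03 +0000] "GET /?query=x HTTP/1.1" 200 45 "http://[2001:db8::5]/t.html" "UA"',
    '203.0.113.7 - - [01/Jan/2024:10:00:04 +0000] "GET / HTTP/1.1" 200 45 "http://site.example/" "UA"',
]

if __name__ == "__main__":
    for target, status, ref in cross_site_loopback_hits(SAMPLE):
        print(f"{status} {target} <- referred by {ref}")
```

A browser may omit the Referer header, so an empty result does not rule out cross-site requests to the local server.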