Closed Bug 1155834 Opened 10 years ago Closed 9 years ago

way to disable onmousedown() event handlers when link is valid

Categories

(Core :: DOM: Core & HTML, defect)

Product:
Core
Component:
DOM: Core & HTML
Version:
40 Branch
Platform:
x86_64
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 257307

People

(Reporter: shawnlandden, Unassigned)

References

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0 Build ID: 20150416030209 Steps to reproduce: Go to https://www.google.com/?q=mozilla+bugzilla Click link to https://bugzilla.mozilla.org/ Actual results: Google redirect (I don't copy link cause it looks like it has private information) Expected results: goes to the link that is in the href and context menu similar, but differn't is when the content of the link is a valid uri <a href="redirect>http://foo.example/</a>, for example youtube's external link interstitial This is a potential phishing issue, when the UI indicates one destination, and you go somewhere else.
The correct solution would be the ping attribute: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/a
QA Whiteboard: [bugday-20150727]
See Also: → 229050
Component: Untriaged → Security
Product: Firefox → Core
I'm going to mark this bug as duplicate of Bug 257307.
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Component: Security → DOM
Resolution: --- → DUPLICATE
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.