Closed
Bug 1310704
Opened 8 years ago
Closed 8 years ago
status bar spoofing
Categories
(Firefox :: Untriaged, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 1310432
People
(Reporter: cs.anurag.jain, Unassigned)
Details
Attachments
(1 file)
120 bytes,
text/html
|
Details |
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36 Steps to reproduce: 1) Open the attached a.html <a id="myLink" onfocus="document.getElementById('myLink').href ='http://abcd.com'" href="http://google.com">Click Me</a> 2) Place your cursor on link "Click Me" 3) On status bar you will see it will goto google.com 4) Click on it and it will move to abcd.com instead Actual results: Clicking on the link navigate user to an unexpected website link. User trusting status bar would be spoofed Expected results: User should always be shown the correct url where they would be navigated.
Comment 1•8 years ago
|
||
Please stop reporting duplicates of this bug. If this is some kind of group/class project, please tell your instructor to stop abusing a public bugtracker and use landfill.mozilla.org instead.
Group: firefox-core-security
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•