[Firefox-50.1.0] xss on webbrowser while translating the URL

RESOLVED DUPLICATE of bug 255107

Status

()

Firefox
Untriaged
RESOLVED DUPLICATE of bug 255107
10 months ago
10 months ago

People

(Reporter: Anish, Unassigned)

Tracking

50 Branch
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

10 months ago
Created attachment 8832506 [details]
Mozilla_Firefox_XSS.jpg

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0.2 Safari/602.3.12

Steps to reproduce:

open this on the webborwser
data:html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4=


Actual results:

XSS will Fired


Expected results:

In Chrome & Safari No XSS is Fired

Comment 1

10 months ago
This is a known difference in how Firefox handles data: URIs compared to other browsers.
Group: firefox-core-security
Status: UNCONFIRMED → RESOLVED
Last Resolved: 10 months ago
Resolution: --- → DUPLICATE
Duplicate of bug: 255107
You need to log in before you can comment on or make changes to this bug.