Closed Bug 13543 Opened 25 years ago Closed 25 years ago

Spoofing windows using javascript URLs

Categories

(Core :: Security, defect, P3)

Product:
Core
Component:
Security
Platform:
x86
Windows 95
Type:
defect

Tracking

()

Status:
VERIFIED WORKSFORME

People

(Reporter: joro, Assigned: norrisboyd)

References

(
URL
)

Details

It is possible to spoof windows in build 1999090808 using javascript URLs.

The code is:

a=window.open("http://www.yahoo.com","a");
setTimeout('a.location="javascript:s=\'This window is spoofed\'";',20000);
Status: NEW → ASSIGNED
Depends on: 11963
Target Milestone: M14
Status: ASSIGNED → RESOLVED
Closed: 25 years ago
Resolution: --- → WORKSFORME
I now get "javascript:s='This window is spoofed'" in the location bar. I think
this was fixed by some of Nisheeth's changes to the javascript: urls.
Verified fixed.
Status: RESOLVED → VERIFIED
Bulk moving all Browser Security bugs to new Security: General component.  The 
previous Security component for Browser will be deleted.
Component: Security → Security: General
No longer depends on: 11963
You need to log in before you can comment on or make changes to this bug.