Closed Bug 1424650 Opened 7 years ago Closed 7 years ago

bookmarks execute javascript on the website of the active tab.

Categories

(Firefox :: Bookmarks & History, defect)

57 Branch
defect
Not set
normal

RESOLVED DUPLICATE of bug 527530

People

(Reporter: kieran.d.n, Unassigned)

Details

Attachments

(1 file)

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36

Steps to reproduce:

I imported a bookmark file where, instead of adding a bookmark for a valid URL, I inserted a JAVASCRIPT URI. I then opened https://www.mozilla.org and clicked the bookmark I just imported. I noticed that the JavaScript that I inserted after the javascript: URI was being executed within www.mozilla.org.

The bookmark file I used has been attached to this report.

I created a video PoC of this: https://vimeo.com/246710956 Password: MZTOPSEC!

Actual results:

The JavaScript executes within www.mozilla.org.

Expected results:

The URL should have opened in a new tab; this makes it impossible to access the DOM of a website that happens to be loaded in the active tab at the moment that the bookmark was clicked.

This is the expected behaviour. We have bug 372035 and various other bugs on file that will help with user confusion here, but we're not intending to change how bookmarks get loaded per se.
Group: firefox-core-security
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Component: Untriaged → Bookmarks & History
Resolution: --- → DUPLICATE
Eh, wrong dupe bug.
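
A defensive check related to the report above, added here as an example (it is not part of the bug thread or of Firefox's code): it scans a Netscape-format bookmarks export for entries whose URL scheme is `javascript:` or `data:` before the file is imported. The flagged-scheme policy, the function and class names and the sample file are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
# Assumed policy: schemes that run script or embed content instead of navigating.
FLAGGED_SCHEMES = {"javascript", "data"}
_SCHEME = re.compile(r"^([A-Za-z][A-Za-z0-9+.\-]*):")

def url_scheme(href):
    # Browser-style normalisation: drop tab/CR/LF anywhere, strip C0 controls and spaces.
    cleaned = re.sub(r"[\t\n\r]", "", href).strip("".join(map(chr, range(0x21))))
    match = _SCHEME.match(cleaned)
    return match.group(1).lower() if match else ""

class BookmarkAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings, self._pending = [], None  # findings: (title, scheme, href)

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            href = dict(attrs).get("href") or ""
            scheme = url_scheme(href)
            self._pending = ["", scheme, href] if scheme in FLAGGED_SCHEMES else None

    def handle_data(self, data):
        if self._pending is not None:
            self._pending[0] += data  # bookmark title shown to the user

    def handle_endtag(self, tag):
        if tag == "a" and self._pending is not None:
            self.findings.append(tuple(self._pending))
            self._pending = None

def audit_bookmarks(html_text):
    auditor = BookmarkAuditor()
    auditor.feed(html_text)
    auditor.close()
    return auditor.findings

# Constructed sample export; the script bodies are harmless placeholders.
SAMPLE = """<!DOCTYPE NETSCAPE-Bookmark-file-1>
<DL><p>
    <DT><A HREF="https://www.mozilla.org/">Mozilla</A>
    <DT><A HREF="javascript:document.title='changed'">Looks harmless</A>
    <DT><A HREF=" Java&#9;Script:void(0)">Obfuscated scheme</A>
</DL><p>
"""

if __name__ == "__main__":
    for title, scheme, href in audit_bookmarks(SAMPLE):
        print(f"flagged [{scheme}] {title!r}: {href!r}")
```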