View Image loads javascript: url as chrome

VERIFIED FIXED

Status

()

defect
VERIFIED FIXED
17 years ago
17 years ago

People

(Reporter: jruderman, Assigned: dveditz)

Tracking

Trunk
x86
Windows 98
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [ADT2 RTM])

Attachments

(3 attachments)

Reporter

Description

17 years ago
If the src of an img is a javascript: url, the View Image context menu item runs
the javascript: url as chrome.
Reporter

Comment 1

17 years ago
Reporter

Comment 2

17 years ago
Reporter

Updated

17 years ago
Attachment #83015 - Attachment description: testcase → testcase for View Image
Reporter

Comment 3

17 years ago
While I rarely use View Image, I use Show Only This Frame reflexively on pages
with large navigation frames.  The frame with the javascript: URL can contain
anything a normal frame can using the format javascript:"<html>...", so the page
can look like a normal framed page.
Keywords: nsbeta1+
Whiteboard: [ADT2 RTM]
Reassigning to dveditz
Assignee: mstoltz → dveditz
Assignee

Comment 5

17 years ago
The view image (and background image) bug turns out to be the utilityOverlay.js
bug covered in bug 144704. This patch only fixes the show frame bug.

Comment 6

17 years ago
Comment on attachment 84419 [details] [diff] [review]
use loadURI() for safety in nsContextMenu.js

sr=scc
Attachment #84419 - Flags: superreview+
Comment on attachment 84419 [details] [diff] [review]
use loadURI() for safety in nsContextMenu.js

r=bryner
Attachment #84419 - Flags: review+

Comment 8

17 years ago
Comment on attachment 84419 [details] [diff] [review]
use loadURI() for safety in nsContextMenu.js

a=brendan,chofmann,scc

please check in to mozilla 1.0 branch by midnight tonight
Attachment #84419 - Flags: approval+

Comment 9

17 years ago
adding adt1.0.0+ for 1.0 branch checkin.
Keywords: adt1.0.0+
Assignee

Comment 10

17 years ago
checked into trunk and branch
Status: NEW → RESOLVED
Last Resolved: 17 years ago
Keywords: fixed1.0.0
Resolution: --- → FIXED
Group: security?

Comment 11

17 years ago
Verified on 2002-10-11-branch build on Win 2000.

Both of the attached test cases gives an exxception.
Status: RESOLVED → VERIFIED
Assignee

Comment 12

17 years ago
fixing verified keyword so queries of which bug was fixed when come out right:
this was fixed for mozilla 1.0
You need to log in before you can comment on or make changes to this bug.