Bug 1444651: Port Bug 1395508 to SeaMonkey
Status: RESOLVED FIXED (Closed)
Opened 7 years ago, closed 7 years ago
Categories: SeaMonkey :: Location Bar, defect
Tracking: seamonkey2.49esr fixed, seamonkey2.53 fixed, seamonkey2.55 fixed, seamonkey2.56 fixed, seamonkey2.57esr fixed
Target milestone: seamonkey2.57
People: Reporter: frg, Assigned: frg
Keywords: sec-moderate
Attachments (2 files):
427 bytes, text/html
2.10 KB, patch (iannbugzilla: review+, approval-comm-beta+, approval-comm-release+, approval-comm-esr52+)

We are missing the patch for Bug 1395508 in SeaMonkey.
https://hg.mozilla.org/mozilla-central/rev/a14cc3bd9643
I don't have access to the bug but from the changeset it seems that whitespaces may be displayed as spaces and push additional content out of the visible area.
You can verify this when using the URL from the tests:
> + loadURL: "http://example.com/%E3%80%80%E3%80%80",
> + expectedURL: "example.com/%E3%80%80%E3%80%80",
> + copyExpected: "http://example.com/%E3%80%80%E3%80%80"
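Review bot: the quoted test fields carry no comment saying what %E3%80%80 is, and they place the character only in the path. A one-line comment naming it (UTF-8 for U+3000, ideographic space) would make the expectation in expectedURL readable, and a second case with a long run of %20 in the fragment would cover the other way of padding a URL.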
SeaMonkey will display it as "http:/example.com/ "
Should be fixed for 2.49.3
Comment 1 • 7 years ago
(In reply to Frank-Rainer Grahl (:frg) from comment #0)
> I don't have access to the bug
I've CC'd you. Sorry for not pro-actively flagging this up with you.
Comment 2 • 7 years ago (Assignee)
Thanks. The example applies 1:1 to SeaMonkey, so as this isn't just copy-paste, setting sec-moderate as in bug 1395508.
Keywords: sec-low → sec-moderate
Comment 3 • 7 years ago (Assignee)
Address bar spoof using Hebrew.
poc.html
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<script>
function aa(){
  var link = document.createElement('a');
  link.href = "https://xn--ggbla1c4e.xn--ngbc5azd/#"+Array(0x200).join("%20")+"סוֹ.סח";
  link.target="aaaa";
  document.body.appendChild(link);
  link.click();
}
</script>
<a onclick="aa();" href="javascript:void(0);">CLICK ME</a>
Expected Result:
https://اسماء.شبكة
Rendered Results:
https://no.io
Comment 4 • 7 years ago (Assignee)
Regex expression is not 1:1 because we filter out some more control chars later.
[Approval Request Comment]
Regression caused by (bug #): ---
User impact if declined: security risk.
Testing completed (on m-c, etc.): c-r 2.53
Risk to taking this patch (and alternatives if risky): trivial patch
String changes made by this patch: --
Attachment #8957881 - Flags: review?(iann_bugzilla)
Attachment #8957881 - Flags: approval-comm-release?
Attachment #8957881 - Flags: approval-comm-esr52?
Attachment #8957881 - Flags: approval-comm-beta?
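The display behaviour discussed in comment 0 and comment 4, as an added example that is not SeaMonkey's or Firefox's code: a URL-bar display routine that decodes percent-escapes for readability but keeps whitespace-like characters encoded, so they cannot push the rest of the URL out of view. The character class, the function names and the fragment sample URL are assumptions for illustration; the path URL is the one quoted from the test.

```javascript
// Added illustration, not SeaMonkey or Firefox code. The character class is an
// assumption: ASCII controls and space, DEL through NBSP, and Unicode spaces.
const WS = "\\u0000-\\u0020\\u007f-\\u00a0\\u1680\\u2000-\\u200a" +
           "\\u2028\\u2029\\u202f\\u205f\\u3000\\ufeff";
const WS_CHAR = new RegExp("[" + WS + "]", "g");
const WS_RUN = new RegExp("[" + WS + "]+", "g");

// Decode for display the way a naive URL bar would; malformed escapes
// make decodeURI throw, in which case the raw spec is shown unchanged.
function naiveDisplay(spec) {
  try {
    return decodeURI(spec);
  } catch (e) {
    return spec;
  }
}

// Same decoding, but every whitespace-like character is put back into its
// percent-encoded form so it stays visible and takes up no blank space.
function safeDisplay(spec) {
  return naiveDisplay(spec).replace(WS_CHAR, encodeURIComponent);
}

// Triage helper: length of the longest blank run the naive display would show.
function longestWhitespaceRun(spec) {
  const runs = naiveDisplay(spec).match(WS_RUN) || [];
  return runs.reduce((max, run) => Math.max(max, run.length), 0);
}

// URL quoted from the test in comment 0 (two U+3000 ideographic spaces).
const PATH_CASE = "http://example.com/%E3%80%80%E3%80%80";
// Constructed sample: 511 encoded spaces in the fragment, then trailing text.
const FRAGMENT_CASE = "https://example.com/#" + "%20".repeat(511) + "tail.example";

for (const spec of [PATH_CASE, FRAGMENT_CASE]) {
  console.log(longestWhitespaceRun(spec), JSON.stringify(safeDisplay(spec).slice(0, 60)));
}
```

Ordinary non-ASCII text such as `caf%C3%A9` is still decoded for display; only the characters in the class stay percent-encoded.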
Updated • 7 years ago (Assignee)
Blocks: SeaMonkey2.49.3ESR
Comment on attachment 8957881
1444651-PortBug1395508.patch
LGTM r/a=me
Attachment #8957881 - Flags: review?(iann_bugzilla) → review+
Attachment #8957881 - Flags: approval-comm-release? → approval-comm-release+
Attachment #8957881 - Flags: approval-comm-esr52? → approval-comm-esr52+
Attachment #8957881 - Flags: approval-comm-beta? → approval-comm-beta+
Comment 6 • 7 years ago (Assignee)
https://hg.mozilla.org/comm-central/rev/7c8d66add87f514b65d981ea6bbd4fa581596f80
https://hg.mozilla.org/releases/comm-beta/rev/5213294dca3881e02bf54fdc7d123479676adc18
https://hg.mozilla.org/releases/comm-release/rev/7cf3bc4b2bbc9fe7b59b84bd5c3523ee8e64a5ae
https://hg.mozilla.org/releases/comm-esr52/rev/1216b956d1b014874d2d82b9ef3f91e753f74c67
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
status-seamonkey2.55: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → Seamonkey2.57
Updated • 5 years ago
Group: core-security-release
Comment 7 • 5 years ago (Assignee)