Closed Bug 148265 Opened 18 years ago Closed 18 years ago
XMLSerializer doesn't do same origin check
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0rc3) Gecko/20020523
BuildID: 2002052309

The XMLSerializer object (part of XMLExtras) seems not to perform a same-origin check. It doesn't seem to let me access local files, but it does let me access the content of another domain. This was tested with RC3.

```html
<html>
<head><title>Test</title></head>
<body>
<iframe src="http://www.google.com"></iframe>
<input type="button" value="Check"
       onclick="alert(new XMLSerializer().serializeToString(window.frames.document));">
</body>
</html>
```

Or, see http://www3.sympatico.ca/ndeakin/test/sectest.html where I have uploaded the test case.

Reproducible: Always

Steps to Reproduce:
1. load the URL
2. click the button
3. see that the site can get the content from a different domain

Expected Results: access should be blocked
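The check the report says is missing, as an added example that is not part of the bug report or of Mozilla's code: two URLs share an origin only when scheme, host and port all match, and the serializer should refuse anything else. It runs under Node.js with the built-in WHATWG URL parser; the `serialize` callback is a hypothetical stand-in for the DOM serializer, since Node has no documents to serialize.

```javascript
// Added example, not Mozilla code: the same-origin guard that
// XMLSerializer.serializeToString() lacked according to bug 148265.

// True when both URLs have the same (scheme, host, port) tuple.
function sameOrigin(a, b) {
  const ua = new URL(a);
  const ub = new URL(b);
  // Opaque origins ("null": file:, data:, about:blank) never match
  // anything, not even themselves, so they are always cross-origin.
  if (ua.origin === "null" || ub.origin === "null") return false;
  // URL.origin already drops default ports (http:80, https:443) and
  // lower-cases the host, so the tuple comparison reduces to this.
  return ua.origin === ub.origin;
}

// Serialize the target document only when the calling page's origin
// matches it; otherwise throw, which is the "access should be blocked"
// outcome the report expects. `serialize` is a hypothetical callback
// standing in for the real DOM serializer.
function serializeIfSameOrigin(callerUrl, targetUrl, serialize) {
  if (!sameOrigin(callerUrl, targetUrl)) {
    const from = new URL(callerUrl).origin;
    const to = new URL(targetUrl).origin;
    throw new Error(`Blocked: ${from} may not serialize ${to}`);
  }
  return serialize();
}

// Returns "blocked" or the serialized markup, for a quick demonstration.
function tryAccess(callerUrl, targetUrl) {
  try {
    return serializeIfSameOrigin(callerUrl, targetUrl, () => "<html/>");
  } catch (e) {
    return "blocked";
  }
}
```

With the report's URLs, `tryAccess("http://www3.sympatico.ca/ndeakin/test/sectest.html", "http://www.google.com")` returns "blocked", which is the behaviour the reporter expected.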
CCing correct people for a security bug.
Status: UNCONFIRMED → NEW
Ever confirmed: true
*** This bug has been marked as a duplicate of 147754 ***
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → DUPLICATE