Closed
Bug 150966
Opened 22 years ago
Closed 21 years ago
IP addresses in single decimal values should fail (but work instead)
Categories
(Camino Graveyard :: General, defect, P4)
Tracking
(Not tracked)
Camino0.7
People
(Reporter: benc, Assigned: mikepinkerton)
References
()
Details
Chimera 0.3 While running Networking - Core tests http://www.mozilla.org/quality/networking/testing/coretests.html STEPS: http://3486011863 becomes www.mozilla.org. This should error, b/c it should be treated as a DNS entry, and not found. See bug 67730.
Comment 1•22 years ago
|
||
*** Bug 150973 has been marked as a duplicate of this bug. ***
Comment 2•22 years ago
|
||
*** Bug 150975 has been marked as a duplicate of this bug. ***
Comment 3•22 years ago
|
||
that shoud indeed fail, but isn't high priority just yet
Assignee: saari → pinkerton
Priority: -- → P4
Assignee | ||
Comment 4•22 years ago
|
||
how do we prevent this in mozilla or any other embedding apps? is there client-side code that handles this? All we're doing is telling necko to load the url in the urlbar. cc'ing some necko guys and ccarlen.
Target Milestone: --- → Chimera0.5
Previous bugs argued that this was because we blindly call some API (like gethostbyname), and the quality of the implementation was variable. I have argued that mozilla/trunk should error bogus DNS stuff and cast the hostname|IP data at the application level in bug 140379.
Assignee | ||
Updated•22 years ago
|
Target Milestone: Chimera0.5 → Chimera0.6
Assignee | ||
Comment 6•22 years ago
|
||
can anyone with a mozilla mach-o build verify if this happens there too? if so, it's a darwin nspr issue, not specific to chimera.
Target Milestone: Chimera0.6 → Chimera0.7
Comment 7•22 years ago
|
||
This seems to indeed be a darwin bug, as even command line apps (under 10.1.5) will convert a decimal address to to full dotted-quad. As in: % telnet 3486011863 80 Trying 207.200.81.215... Connected to 3486011863. Escape character is '^]'. Mach-O Mozilla will also connect to mozilla.org through 3486011863, however CFM Mozilla and Internet Explorer will not.
Assignee | ||
Comment 8•22 years ago
|
||
well then this isn't a chimera bug. file a new one if you disagree with darwin's nspr impl
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → WONTFIX
In all cases where this works, the underlying OS supports a more liberal IP address input than the RFC's for the URL. The premise of these bugs, as I present them, is that we should be doing our own address validity checking in the application, for standards and security reasons. The depends bug contains all the details. As for the Chimera specific bug, I created it as part of my test results, and if you don't plan on doing a Chimera-only fix, that's completely understandable. Ideally it should be implemented in the trunk.
Reporter | ||
Comment 10•21 years ago
|
||
w/ cfm gone, bug 67730 is now all-plats, and this is a dupe.
Status: RESOLVED → REOPENED
QA Contact: winnie → benc
Resolution: WONTFIX → ---
Reporter | ||
Comment 11•21 years ago
|
||
"Mach-O IS the Camino..." *** This bug has been marked as a duplicate of 67730 ***
Status: REOPENED → RESOLVED
Closed: 22 years ago → 21 years ago
Keywords: verifyme
Resolution: --- → DUPLICATE
Updated•19 years ago
|
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•