Closed Bug 1835157 Opened 1 year ago Closed 5 months ago

Ignore target names which contain both \n and < characters

Tracking

()

Status:

RESOLVED FIXED

Milestone:

128 Branch

Tracking Flags:

Tracking

Status

firefox128

---

fixed

People

(Reporter: s.h.h.n.j.k, Assigned: tschuster)

References

(Blocks 2 open bugs)

Details

(4 keywords, Whiteboard: [adv-main128-])

Attachments

(1 file)

Bug 1835157 - Ignore target names which contain both newline and < characters. r?emilio 5 months ago Tom Schuster (MoCo) 48 bytes, text/x-phabricator-request		Details \| Review

Jun (Request needinfo for comment, I ignore other updates)

Reporter

Description

•

1 year ago

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36

Steps to reproduce:

This is a request on addition to bug 1369029.

Currently, the target attribute in some elements act as an easy way to bypass bug 1369029. In https://github.com/whatwg/html/pull/9309, I proposed an additional mitigation to protect this gap, and it'd be great if y'all can work on this too :)

Frederik Braun [:freddy]

Comment 1

•

1 year ago

This just landed in whatwg/html.

Keywords: sec-want

Frederik Braun [:freddy]

Updated

•

1 year ago

Duplicate of this bug: 1850932

Frederik Braun [:freddy]

Updated

•

1 year ago

See Also: → https://github.com/whatwg/html/pull/9309

Tom Schuster (MoCo)

Assignee

Updated

•

1 year ago

Blocks: html

Simon Pieters [:zcorpan]

Updated

•

11 months ago

See Also: → https://chromestatus.com/feature/5073969773805568

Frederik Braun [:freddy]

Updated

•

11 months ago

Keywords: parity-chrome

Tom Schuster (MoCo)

Assignee

Updated

•

5 months ago

Assignee: nobody → tschuster

Tom Schuster (MoCo)

Assignee

Updated

•

5 months ago

Status: UNCONFIRMED → NEW

Ever confirmed: true

Tom Schuster (MoCo)

Assignee

Comment 3

•

5 months ago

Attached file Bug 1835157 - Ignore target names which contain both newline and < characters. r?emilio — Details

Phabricator Automation

Updated

•

5 months ago

Attachment #9401911 - Attachment description: WIP: Bug 1835157 - Ignore target names which contain both newline and < characters → Bug 1835157 - Ignore target names which contain both newline and < characters. r?emilio

Pulsebot

Comment 4

•

5 months ago

Pushed by tschuster@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/191c949de34e Ignore target names which contain both newline and < characters. r=emilio

pstanciu

Comment 5

•

5 months ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/191c949de34e

Status: NEW → RESOLVED

Closed: 5 months ago

status-firefox128: --- → fixed

Resolution: --- → FIXED

Target Milestone: --- → 128 Branch

Tom S [:evilpie]

Updated

•

5 months ago

Keywords: dev-doc-needed

Nicolas Chevobbe [:nchevobbe][PTO - back on October 21]

Updated

•

5 months ago

Blocks: 1899251

Tom Schuster (MoCo)

Assignee

Updated

•

5 months ago

Comment 6

•

4 months ago

Sorry for the burst of bugspam: filter on tinkling-glitter-filtrate
Adding reporter-external keyword to security bugs found by non-employees for accounting reasons

Keywords: reporter-external

Hamish Willee

Comment 7

•

4 months ago

FF128 MDN docs for this can be tracked in https://github.com/mdn/content/issues/33995

Keywords: dev-doc-needed → dev-doc-complete

Simon Friedberger (:simonf)

Updated

•

3 months ago

Whiteboard: adv-main128-

Simon Friedberger (:simonf)

Updated

•

3 months ago

Whiteboard: adv-main128- → [adv-main128-]

You need to log in before you can comment on or make changes to this bug.