Closed Bug 1900648 Opened 1 year ago Closed 2 months ago

XSLT error messages can leak browser UI language

Categories

(Core :: XSLT, defect)

Product:
Core
Component:
XSLT
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
140 Branch
Tracking Flags:
Tracking Status
firefox140 --- fixed

People

(Reporter: ma1, Assigned: pierov)

References

(Blocks 2 open bugs)

Details

(Whiteboard: [tor 42288][fingerprinting])

Attachments

(1 file, 2 obsolete files)

Bug 1900648 - Allow language spoofing in XSLT status messages. r?#platform-i18n-reviewers,#geckoview-reviewers,m_kato
48 bytes, text/x-phabricator-request
Details | Review

This is https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42288 in Tor Browser.

Actual browser UI locale can be inferred by examining the error message for a failed XSLT.

POC: https://people.torproject.org/~ma1/pbugs/42288/poc/

Severity: -- → S3
Component: DOM: Core & HTML → XSLT
Assignee: nobody → manuel
Status: NEW → ASSIGNED

I'm taking this Bug (I've already talked about it with Manuel).

Assignee: manuel → pierov
Attachment #9406649 - Attachment is obsolete: true
Depends on: 1959147

Comment on attachment 9479317 [details]
Bug 1900648 - Part 2: Remove nsStringBundleService::FormatStatusMessage. r?#xpcom-reviewers

Revision D245696 was moved to bug 1959147. Setting attachment 9479317 [details] to obsolete.

Attachment #9479317 - Attachment is obsolete: true
Pushed by enordin@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/b576f6dedd29 Allow language spoofing in XSLT status messages. r=platform-i18n-reviewers,dom-core,farre,nordzilla

https://hg.mozilla.org/mozilla-central/rev/b576f6dedd29

Status: ASSIGNED → RESOLVED
Closed: 2 months ago
status-firefox140: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 140 Branch
QA Whiteboard: [qa-triage-done-c141/b140]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: