Closed Bug 193099 Opened 22 years ago Closed 22 years ago

Image from blocked server appears if it's redirected from another site

Categories

(Core :: Graphics: Image Blocking, defect)

Product:
Core
Component:
Graphics: Image Blocking
Platform:
x86
Windows 2000
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 167047

People

(Reporter: sinchi, Assigned: security-bugs)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.3b) Gecko/20030210
Build Identifier: 

If image from (for example) www.badimage.com is blocked, it can be showed in
another site if this site uses redirect
(e.g. <img src="/cgi-bin/imgredirect.cgi?url=www.badimage.com/img.gif" />)

This also breaks "Accept images from the originating server only" feature.

Reproducible: Always

Steps to Reproduce:
Dupe of bug 167047?
Yes, okay, thanks for suggestion.

Important addition in this bug is remark about breaking "Accept images from the
originating server only" feature.

*** This bug has been marked as a duplicate of 167047 ***
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.