Open
Bug 209293
Opened 22 years ago
Updated 2 years ago
Permission denied to get property HTMLImageElement.src
Categories
(Core :: Security: CAPS, defect)
Tracking
()
NEW
People
(Reporter: jasonb, Assigned: dveditz)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5a) Gecko/20030612
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5a) Gecko/20030612
This seems to be specific to Windows XP, and may or may not be regression.
Two of my reported bugs (bug 144416 and bug 207851) which started of as Tech
Evangelism and were then moved to Security: CAPS, are showing the JavaScript
Console error listed in this bug Summary.
So far, I'm not sure how to produce a reduced testcase for this, nor do I have a
URL that you can go to *specifically* that will do so. The best I have, at the
moment, is to follow the steps outlined in one of the other bugs.
I'm filing this bug as I strongly suspect that there is a root cause here of
both other bugs.
Reproducible: Always
Steps to Reproduce:
1. Follow the steps to reproduce either bug 144416 or bug 207851 under XP.
|
Reporter | |
Comment 1•22 years ago
|
||
There are actually two JavaScript Console messages that keep coming up:
Error: uncaught exception: Permission denied to get property HTMLImageElement.src
Error: uncaught exception: Permission denied to set property HTMLImageElement.src
Although the first one is the one that always comes up at both sites.
I also realised that I see this every time I go to
http://www.theweathernetwork.com/weather/maps/Satrad.htm - so I'm adding that as
the reference URL.
To see the "set" error, go to the site. To see the "get" error, click on the
Play button.
You can also see the "set" error by going to
http://www.mikebonnell.com/wallpaper.html
I get this same error in both 1.5 and 1.6 on Mac OS X, "Mozilla/5.0 (Macintosh;
U; PPC Mac OS X Mach-O; en-US; rv:1.6) Gecko/20040113". The URL is:
https://www.taxactonline.com/s_online_tax/introduction/registration.asp
Fill in the form and click the "Submit Registration" link.
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040115
Always reproducible.
Ensuring that Preferences | Advanced | Scripts & Plugins | Allow javascript to:
(change images) has no effect, after toggling/restarting the browser.
A trivial case for the 'set' error:
<html><head><title>Bug</title>
<script language="JavaScript">
<!--
function switchImage() {
if ( document.greek.mode.value == "0" )
{ document.greekimg.src = "gfx/igreek.png";
document.greek.mode.value = "1";
} else
{ document.greekimg.src = "gfx/greek.png";
document.greek.mode.value = "0";
}
}
//-->
</script></head><body>
<form name="greek" action="none">
<table width="600">
<tr><td>
<img name="greekimg" src="gfx/greek.png" height="80" width="600" border="0">
</td>
</tr>
<tr>
<td>
<td align="right" valign="top">
<input type=button value="0" name="mode" onClick="switchImage();">
</td>
</tr>
</table>
</form>
</body>
</html>
|
||
Comment 4•21 years ago
|
||
Possibly related to bug# 248402 ?: Scripts running in an https context throws
this exception when a call is made to non-https DOM content, even when the
http-host is identical.
|
|
Reporter | |
Comment 5•20 years ago
|
||
Both bugs that I'd marked this bug as blocking now work for me (and I've closed
them) - even though at least one of the sites they referenced (one of them is
currently down as I write this) still produces the JavaScript error.
|
Assignee | |
Updated•18 years ago
|
Assignee: security-bugs → dveditz
QA Contact: carosendahl → caps
|
||
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•