Closed Bug 259935 Opened 20 years ago Closed 20 years ago

document.all can be easily detected

Categories

(Core :: JavaScript Engine, defect, P1)

Product:
Core
Component:
JavaScript Engine
Type:
defect

Tracking

()

Status:
VERIFIED FIXED
Milestone:
mozilla1.8alpha4

People

(Reporter: schapel, Assigned: brendan)

References

(
URL
)

Details

(Keywords: fixed-aviary1.0, fixed1.7.5)

Attachments

(4 files)

testcase
266 bytes, text/html
Details
proposed fix
2.39 KB, patch
shaver
: review+
brendan
: approval-aviary+
brendan
: approval1.7.5+
Details | Diff | Splinter Review
testcase 2
233 bytes, text/html
Details
fix for aviary branch
1.79 KB, patch
brendan
: review+
brendan
: approval-aviary+
brendan
: approval1.7.5+
Details | Diff | Splinter Review 
Code such as the following can detect Mozilla's "undetected" document.all:

function foo() {
    this.ie = document.all;
}
var f = new foo();
if (f.ie) // ...

Code like this is used on websites, such as http://geocities.sbc.yahoo.com/ and
http://us.js1.yimg.com/us.yimg.com/lib/g/ylib_dom.js
Attached file testcase 
This testcase displays "IE" if document.all is detected, and "not IE" if it is
not detected.
I think we've seen this code pattern before, but that was a theoretical
discussion; this is mentioning common web sites...

Setting blocking request flags, since this could be pretty serious.  We really
don't want to be commonly flagged as IE.
Flags: blocking1.8a4?
Flags: blocking1.7.x?
Flags: blocking-aviary1.0?
Ok, this is easy to fix.

/be
Assignee: general → brendan
Component: DOM: Level 0 → JavaScript Engine
Flags: blocking1.8a4?
Flags: blocking1.8a4+
Flags: blocking1.7.x?
Flags: blocking1.7.x+
Flags: blocking-aviary1.0?
Flags: blocking-aviary1.0+
Priority: -- → P1
Target Milestone: --- → mozilla1.8alpha4
Attached patch proposed fixSplinter Review 
Make JSOP_SETPROP detecting, as JSOP_SETNAME and JSOP_SETVAR are already.  I
made JSOP_SETELEM as well, for consistency, even though it's unlikely anyone
computes "ie" in i and then does 'this[i] = document.all;'.

/be
Attachment #159519 - Flags: review?(shaver)
Comment on attachment 159519 [details] [diff] [review]
proposed fix

Need this for 1.0, and 1.7. Self-approving.

/be
Attachment #159519 - Flags: approval1.7.x+
Attachment #159519 - Flags: approval-aviary+
Fixed everywhere.

/be
Status: NEW → RESOLVED
Closed: 20 years ago
Keywords: fixed-aviary1.0, fixed1.7.x
Resolution: --- → FIXED
Ok, I have been testing the open TE bugs but have not retested the top 70 sites
in some time. I will run tests on the top 70 sites and the pages linked from
their homepages and will investigate the usage of document.all in terms of if we
are detected as IE anywhere. Since the number of pages to be tested will be
several times more than the open TE list I will not test the mouse over/out
handling, but will just look for usage up to the page's load event. This may
take several days, so don't hold your breath.
seamonkey trunk: not IE
seamonkey 1.7:   not IE
firefox trunk:   not startable 
firefox branch:  not IE
Blocks: 260685
*** Bug 260834 has been marked as a duplicate of this bug. ***
var f = { ie: document.all };

if (f.ie) {
    document.writeln("IE");
} else {
    document.writeln("not IE");
}

shows IE
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Attached file testcase 2 

    
    

    
  
(In reply to comment #10)
> var f = { ie: document.all };
> 
> if (f.ie) {
>     document.writeln("IE");
> } else {
>     document.writeln("not IE");
> }
> 
> shows IE

This seems to only happend in quirks mode
> 



    
    

    
  
(In reply to comment #10)
> var f = { ie: document.all };
> 
> if (f.ie) {

Are there any pages on the web that actually use code like this to detect IE?

    
    

    
  
(In reply to comment #13)
> Are there any pages on the web that actually use code like this to detect IE?

Not that I know of, but I haven't look at each use of document.all. I ran across
it by accident and felt it should have been handled similarly to the class-based
property.



    
    

    
  


  
I hope this bug won't be reopened again.  I'd rather deal with real-world
problems such as IE's treating language=JavaScript1.2 as if it were
language=JavaScript.

/be

    
    

    
  
Comment on attachment 161784 [details] [diff] [review]
fix for aviary branch

Imputing r=shaver, and self-approving.

/be

        Attachment #161784 -
        Flags: review+

        Attachment #161784 -
        Flags: approval1.7.x+

        Attachment #161784 -
        Flags: approval-aviary+

    
    

    
  
Fixed, yet again and for good.

/be
Status: REOPENED → RESOLVED
Closed: 20 years ago20 years ago
Resolution: --- → FIXED
Flags: testcase?

    
    

    
  
Checking in regress-259935.js;
/cvsroot/mozilla/js/tests/js1_5/Regress/regress-259935.js,v  <--  regress-259935.js
initial revision: 1.1
done

Flags: testcase? → testcase+

    
    

    
  
verified fixed.
Status: RESOLVED → VERIFIED

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: