Closed Bug 263473 Opened 18 years ago Closed 17 years ago

Context menu displays all possible options on image <object>

Categories

(Firefox :: General, defect)

defect
Not set
normal

Tracking

()

VERIFIED FIXED
Firefox1.5

People

(Reporter: marcus, Assigned: jruderman)

References

()

Details

(Keywords: fixed1.8, Whiteboard: [sg:fix])

Attachments

(3 files, 1 obsolete file)

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.3) Gecko/20041004 Firefox/0.10.1
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.3) Gecko/20041004 Firefox/0.10.1

Right-clicking the space beneath the Flash animation in the window for the Games
section of Lionhead Studio's website -- http://www.lionhead.com/index2.html -- 
produces a context menu that appears to display all possible options, not just
those for a webpage.

Reproducible: Sometimes
Steps to Reproduce:
1. Go to http://www.lionhead.com/index2.html
2. Click Games to open the pop-up window
3. Right-click the very bottom-left of the window contents.

Actual Results:  
A context menu appeared with irrelevant options.

Expected Results:  
The normal context menu for webpages should appear.
Attached image Screenshot
Just to clarify, I deactivated my installed extensions (EditCSS, WeatherFox and
LiveBookmarkThis) and was still able to reproduce the problem.
Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.3) Gecko/20041008
Firefox/0.10

confirming

seeing the same + the whole arsenal of options from AdBlock
but if i open the page for a second time i get the normal context menu
Attached image context menu bug
FF context menu bug

Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.5) Gecko/20041107
Firefox/1.0
Found this same problem while developing an extension. After researching a bit,
discovered that the error arises when you right click on an OBJECT tag that
doesn't have the "type" attribute, like :

<object data="image.png">Test</object>

This causes an error in line 4142 of browser.js because local var type is null.
A quick fix could be to replace that line with :

if ( type && type.substring( 0, 6 ) == "image/" && data) {

just to avoid this error when type is null, although I suspect that the type
attribute for the <object> should contain a valid value and that could be the
real bug.
I too see this bug ( WinXP w/ Firefox 1.0.4 ) - it would not be quite as annoying 
if the context menu would check the screen co-ordinates and draw itself
on-screen, rather than the top of the menu getting "cut-off" & rendered
inaccessible. As I use a fairly large # of plugins, I believe this may still be
an issue even after the issue of irrelevant menu items appearing is fixed. If
possible, please advise whether this should be entered as a separate bug-report.
Thanks!!!
Assignee: firefox → jruderman
The URL in comment 0 is gone, so I'm morphing this bug to cover comment 5.  This
might be a security hole.
Summary: Context menu displays all possible options → Context menu displays all possible options on <object> without type attribute
Target Milestone: --- → Firefox1.5
OS: Windows 2000 → All
Hardware: PC → All
Blocks: 305380
Summary: Context menu displays all possible options on <object> without type attribute → Context menu displays all possible options on image <object>
Attachment #193331 - Attachment description: make Set Desktop Background work with <objects> and fix bug 305380 → fix this bug, make Set Desktop Background work with <objects>, and fix bug 305380
The problem was that disableSetDesktopBackground assumed the image had its URL
in the src attribute.  The patch changes disableSetDesktopBackground, and other
code related to setting the desktop background, to use
nsIImageLoadingContent::currentURI instead.
Attachment #193331 - Attachment is obsolete: true
Attachment #193333 - Flags: review?(mconnor)
Nominating to block beta because the patch fixes bug 305380.
Flags: blocking1.8b4?
Whiteboard: [needs review mconnor]
Attachment #193333 - Flags: review?(mconnor) → review+
Attachment #193333 - Flags: approval1.8b4?
Whiteboard: [needs review mconnor]
plussing for possible security impact per comment 7
Flags: blocking1.8b4? → blocking1.8b4+
This patch fixes two potential security holes:
* Some items being enabled on the context menu that shouldn't be enabled, due to
the uncaught exception.  This is what comment 7 alluded to.
* Bug 305380.

It also fixes two other issues:
* Too many items appear on the context menu, due to the uncaught exception.
* Can't set desktop background from image <object>.
Whiteboard: [sg:fix]
Attachment #193333 - Flags: approval1.8b4? → approval1.8b4+
Fixed trunk and Gecko 1.8 branch.
Status: NEW → RESOLVED
Closed: 17 years ago
Keywords: fixed1.8
Resolution: --- → FIXED
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.