Closed
Bug 264968
Opened 20 years ago
Closed 20 years ago
[v1.8a5-1016+ nightlies] 'file://' images from http website are blocked by security !
Categories
(SeaMonkey :: General, defect)
Tracking
(Not tracked)
VERIFIED
INVALID
mozilla1.8alpha5
People
(Reporter: sgautherie, Unassigned)
References
()
Details
(Keywords: regression)
Attachments
(2 files, 3 obsolete files)
v1.8a4, good display
Observed will testing bug 263653 comment 11: [Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8a4) Gecko/20040927] (release) (W98SE) and previous trunk Page displays(/saves) fine. Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8a5) Gecko/20041017 Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8a5) Gecko/20041018 Very buggy. I never saw this kind of behaviour before, and don't have a clue about it. I'll attached 3 files to show the 'Save Page As (Html Only)' results.
|
Reporter | |
Comment 1•20 years ago
|
||
I used v1.7.3 as a _reference_, because v1.8a4 displays fine, but has bug 263653 which prevents saving this page.
|
|
Reporter | |
Comment 2•20 years ago
|
||
This one displays and saves fine, but is not how I usually use the site.
|
|
Reporter | |
Comment 3•20 years ago
|
||
This should be like v1.7.3/FILE, but is not: the right part of the page almost doesn't display, and Save As just saves 3 KB out of 35 KB :-((
|
|
Reporter | |
Updated•20 years ago
|
Attachment #162523 -
Attachment description: Saved page, by v1.7.3 → Saved page, by v1.7.3 using FILE images, WORKING
|
|
Reporter | |
Updated•20 years ago
|
Attachment #162524 -
Attachment description: Saved page, by v1.8a5 using HTTP images → Saved page, by v1.8a5-18 using HTTP images
|
|
Reporter | |
Updated•20 years ago
|
Attachment #162525 -
Attachment description: Saved page, by v1.8a5 using FILE images, BROKEN → Saved page, by v1.8a5-18 using FILE images, BROKEN
|
|
Reporter | |
Comment 4•20 years ago
|
||
Boris: Tell me if you have a hint, or if I should play nighly-testing some more... NB: Of course, the file:// url in the attachements won't have anything to load on your computer :-/ (but it doesn't matter to see the SaveAs issue)
Target Milestone: --- → mozilla1.8alpha5
|
||
Updated•20 years ago
|
Summary: [v1.8a5 nighlies] A case of page displaying very badly, and Save Page As truncating the source ! → [v1.8a5 nightlies] A case of page displaying very badly, and Save Page As truncating the source
|
||
Comment 5•20 years ago
|
||
So how do I reproduce this bug, exactly? All I see is a URL that works fine in the URL field and three attachments that have totally different HTML. Please either provide steps to reproduce (and don't file bugs as NEW without such) or provide a minimal testcase.... Failing either of those, the one-day regression window may help, yes.
|
|
Reporter | |
Comment 6•20 years ago
|
||
(In reply to comment #5) Steps: similar to bug 263653 = too hard to explain/... :-( Testcase: I don't have a clue on what triggers this bug. > Failing either of those, the one-day regression window may help, yes. Done :-/ Regressed between 2004-10-15-06-trunk and 2004-10-16-07-trunk ! Working: 2004-09-29-07-trunk Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8a5) Gecko/20040929 2004-10-09-07-trunk Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8a5) Gecko/20041009 2004-10-13-06-trunk Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8a5) Gecko/20041013 2004-10-15-06-trunk Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8a5) Gecko/20041015 Regressed: 2004-10-16-07-trunk Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8a5) Gecko/20041016 2004-10-17-07-trunk Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8a5) Gecko/20041017
|
|
Reporter | |
Comment 7•20 years ago
|
||
|
|
Reporter | |
Comment 8•20 years ago
|
||
Attachment #162523 -
Attachment is obsolete: true
Attachment #162524 -
Attachment is obsolete: true
Attachment #162525 -
Attachment is obsolete: true
|
|
Reporter | |
Comment 9•20 years ago
|
||
Part Display) I checked the display part only while testing nighlies. Part SavePageAs) Then I checked the save part on Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8a5) Gecko/20041016 only, and it worked fine. Either something went wrong in my initial test, or it's a new bug in v1.8a5-1017 or v1.8a5-1018 !? Let's solve the display issue, then I'll check again for the save issue.
Summary: [v1.8a5 nightlies] A case of page displaying very badly, and Save Page As truncating the source → [v1.8a5-1016+ nightlies] A case of page displaying very badly ! (and Save Page As truncating the source ?)
|
|
||
Comment 10•20 years ago
|
||
> Regressed between 2004-10-15-06-trunk and 2004-10-16-07-trunk ! Oh, I see. This page was loading the images from a file:// URI? That's when we landed a security check for that sort of crap. See bug 69070. In short, untrusted pages can't do that anymore.
|
|
Reporter | |
Comment 11•20 years ago
|
||
Right: I was/am too tired to have thought to look at the JS.C.:
plenty of
{{
Security Error: Content at http://www.battle-arenas.net/arenes.php may not load
or link to file:///W:/Progs/@Battle-Arenas/ba_pack/arene/sols/sa_x_0.gif.
}}
I read (quickly) bug 69070...
The case is:
this site is a "graphical" game site, and there is a zip file to download and
uncompress on local disk to speed up the display of all the images, this makes
less use of HTTP and server ressources too: that's all the file:// images.
The question is:
I understand the security interest of the fix,
but (how) can the previous behaviour/benefits be achieved now ?|
|
||
Comment 12•20 years ago
|
||
At the moment, they cannot. Once bug 233108 is fixed, you could allow just this site access to your hard drive (taking the associated security risks, of course). Marking invalid, since it sounds like things are working the way they should be.
|
||
Comment 13•20 years ago
|
||
-> INVALID per comments.
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → INVALID
|
|
Reporter | |
Comment 14•20 years ago
|
||
Agreed. I checked again the SaveAs issue with 1016, 1017, 1018 nighlies: couldn't reproduce. Sorry.
Severity: critical → major
Status: RESOLVED → VERIFIED
Summary: [v1.8a5-1016+ nightlies] A case of page displaying very badly ! (and Save Page As truncating the source ?) → [v1.8a5-1016+ nightlies] 'file://' images from http website are blocked by security !
|
||
Updated•20 years ago
|
Product: Browser → Seamonkey
You need to log in
before you can comment on or make changes to this bug.
Description
•