Closed Bug 266573 Opened 20 years ago Closed 20 years ago

event.isTrusted is false when you overlay contentAreaClick()

Categories

(Core :: Security, defect)

Product:
Core
Component:
Security
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: bugs4hj, Assigned: dveditz)

Details

First of all, bug 265176 is still marked as security sensitive so that's why
I've marked this one also as security sensitive, because it concerns
event.isTrusted, and I don't want to be blame for a possible early exposure of
that bug, or parts of it.

Now, MultiZilla overlays contentAreaClick.js and one of the functions that we
overlay is contentAreaClick(event) and I also need to check 

if(!event.isTrusted)
  return true;

but event.isTrusted is always false for middle-clicks in MultiZilla. I must be
doing something wrong or there is some sort of strange loophole. 

This works when I disable MultiZilla, so the code base for Mozilla seems to work.

I don't want to re-open and/or re-introduce fixed Mozilla bugs with MultiZilla
so that is why I am asking for your help.
Selecting security-general as component sets that flag, no?
Oh bummer, 'nglayout.debug.disable_xul_cache' was my problem. 
Marking INVALID
Sorry for the SPAM guys :(
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → INVALID
Selecting "Security: General" does not automatically make a bug
security-sensitive.  You have to check the security-sensitive box when you file
the bug.

This bug should not be security-sensitive, IMO.
(In reply to comment #3)
> Selecting "Security: General" does not automatically make a bug
> security-sensitive.  You have to check the security-sensitive box when you file
> the bug.
> 
> This bug should not be security-sensitive, IMO.

Ok, thanks for the info. Another lesson learned ;)
You need to log in before you can comment on or make changes to this bug.