Closed Bug 267766 Opened 20 years ago Closed 20 years ago

url spoof when opening a link in a new tab

Categories

(Firefox :: Tabbed Browser, defect)

Product:
Firefox
Component:
Tabbed Browser
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 266932

People

(Reporter: cerel, Assigned: bugs)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041103 Firefox/1.0RC2
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041103 Firefox/1.0RC2

This bug is variation of the one that affected IE some days ago.
IE could be spoofed by this code :
<a href="http://www.mozilla.org/"><table><tr><td><a
href="http://www.google.com/">http://www.mozilla.org</td></tr></table></a>

Firefox is not affected by that, but with a minor change it could lead to a sort
of url spoof.
This code affects Firefox in a particular way :
<a href="http://www.mozilla.org/"><table><tr><td><a
href="http://www.google.com/">http://www.mozilla.org</a></td></tr></table></a>
(note the additional </a>).


Reproducible: Always
Steps to Reproduce:
1. Insert the following code in an html file :
<a href="http://www.mozilla.org/"><table><tr><td><a
href="http://www.google.com/">http://www.mozilla.org</a></td></tr></table></a>

2. Single click on the malformed link. The site opens in the current tab and
your are directed to the correct site (the same that's written in the status bar).
3. Do a "ctrl-click" on the same link. A new tab is opened but you are directed
to the wrong site.
4. Do a "left-click -> Open in new tab" on the same link. A new tab is opened
but you are directed to the wrong site.
Actual Results:  
Step 2 : The browser goes to http://www.mozilla.org/
Step 3 : The new tab goes to http://www.google.com
Step 4 : The new tab goes to http://www.google.com


Expected Results:  
The links used by the browser to open a new tab (in step 3 and 4) should have
been the same link as in step 2.

I tested this bug with a new blank profile. The results where the same.
I also tested this bug on linux and Firefox 0.10.1 PR with a blank profile too
(Mozilla/5.0 (X11; U; Linux i686; rv:1.7.3) Gecko/20040914 Firefox/0.10.1)

*** This bug has been marked as a duplicate of 266932 ***
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.