Last Comment Bug 269174 - sport4fun.com changes window name, influencing the behaviour of www.hattrick.org
: sport4fun.com changes window name, influencing the behaviour of www.hattrick.org
Status: RESOLVED DUPLICATE of bug 821080
[sg:low]
: sec-low
Product: Core
Classification: Components
Component: DOM: Core & HTML (show other bugs)
: Trunk
: x86 All
: -- normal (vote)
: ---
Assigned To: Nobody; OK to take it and work on it
:
Mentors:
http://www.sport4fun.com/it
Depends on: 103638
Blocks:
  Show dependency treegraph
 
Reported: 2004-11-11 07:58 PST by Emanuele
Modified: 2013-12-27 14:23 PST (History)
6 users (show)
asa: blocking1.8b5-
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments

Description Emanuele 2004-11-11 07:58:18 PST
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; rv:1.7.3) Gecko/20041001 Firefox/0.10.1
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; rv:1.7.3) Gecko/20041001 Firefox/0.10.1

If you visit http://www.sport4fun.com/it and then from the location bar you open
hattrick.org, the links on this site that have as target the central frame, will
open on _top. Even with firefox 1.0.


Reproducible: Always
Steps to Reproduce:
1.type in the location bar http://www.sport4fun.com/it and open it
2.type in the location bar www.hattrick.org and open it
3.click on the link "-Gamemaster ยป" on the left menu
Actual Results:  
the link will open on top

Expected Results:  
it should open in the frame "main"

The problem i probably caused by this line:

<script LANGUAGE="JavaScript">self.name="main";</script> 

in sport4fun.com/it that conflicts with:

 <A HREF="cheatreport.asp?" style="font-weight: normal" target="main">Gamemaster
&raquo;</A>

in hattrick.org
Comment 1 Boris Zbarsky [:bz] (TPAC) 2005-01-14 23:02:11 PST
So.. how do we solve this problem?  Should we clear script-set window.name on
page traversals?  What does IE do, I wonder?
Comment 2 Bob Clary [:bc:] 2005-01-15 01:56:27 PST
MSIE6/winxpsp2 does the same thing as we do strangely enough.
Comment 3 Dan M 2005-01-16 18:06:12 PST
AFAIK this is the first time this obvious issue has ever been raised, and AFAIK
all browsers have had the same problem since, what, 1998? It makes sense to me
to set a window's name to the zero-length string any time it changes domains.
Comment 4 Johnny Stenback (:jst, jst@mozilla.com) 2005-01-25 17:22:48 PST
I don't know about changing the name of the windows when we load new pages into
the window, but maybe we should make changes to window.name only go into the DOM
object, and we'd reset that on pageload?
Comment 5 Scott MacGregor 2005-09-13 09:59:33 PDT
It's unclear to me that this should become a stop ship bug. Since dan and jesse
got cc'ed, can someone elaborate if this is a security issue? Time is running
out for this bug which seems to have been idle since January.

Leaving the nomination alone for right now pending some more information.
Comment 6 Asa Dotzler [:asa] 2005-09-15 15:56:58 PDT
not a blocker until someone provides a compelling reason to take this so late in
the game.
Comment 7 Boris Zbarsky [:bz] (TPAC) 2005-09-15 22:01:39 PDT
I believe it's a security bug to allow one site to affect where another site's
window.open() calls put content.  We have all sorts of checks to prevent just
that, and this bug is about a way for a site to completely bypass all those checks.

Of course I don't know whether that's a compelling reason, since I'm not clear
what our blocker criteria are at this point.
Comment 8 Boris Zbarsky [:bz] (TPAC) 2013-01-16 22:15:15 PST

*** This bug has been marked as a duplicate of bug 821080 ***

Note You need to log in before you can comment on or make changes to this bug.