Closed
Bug 269174
Opened 20 years ago
Closed 12 years ago
sport4fun.com changes window name, influencing the behaviour of www.hattrick.org
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 821080
People
(Reporter: emanu_mary, Unassigned)
References
()
Details
(Keywords: sec-low, Whiteboard: [sg:low])
User-Agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.7.3) Gecko/20041001 Firefox/0.10.1 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; rv:1.7.3) Gecko/20041001 Firefox/0.10.1 If you visit http://www.sport4fun.com/it and then from the location bar you open hattrick.org, the links on this site that have as target the central frame, will open on _top. Even with firefox 1.0. Reproducible: Always Steps to Reproduce: 1.type in the location bar http://www.sport4fun.com/it and open it 2.type in the location bar www.hattrick.org and open it 3.click on the link "-Gamemaster »" on the left menu Actual Results: the link will open on top Expected Results: it should open in the frame "main" The problem i probably caused by this line: <script LANGUAGE="JavaScript">self.name="main";</script> in sport4fun.com/it that conflicts with: <A HREF="cheatreport.asp?" style="font-weight: normal" target="main">Gamemaster »</A> in hattrick.org
Assignee: general → general
Component: JavaScript Engine → DOM: Level 0
QA Contact: pschwartau → ian
Comment 1•20 years ago
|
||
So.. how do we solve this problem? Should we clear script-set window.name on page traversals? What does IE do, I wonder?
Comment 2•20 years ago
|
||
MSIE6/winxpsp2 does the same thing as we do strangely enough.
AFAIK this is the first time this obvious issue has ever been raised, and AFAIK all browsers have had the same problem since, what, 1998? It makes sense to me to set a window's name to the zero-length string any time it changes domains.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Summary: this site influence the behaviour of www.hattrick.org → sport4fun.com changes window name, influencing the behaviour of www.hattrick.org
Comment 4•20 years ago
|
||
I don't know about changing the name of the windows when we load new pages into the window, but maybe we should make changes to window.name only go into the DOM object, and we'd reset that on pageload?
Updated•19 years ago
|
Flags: blocking1.8b5?
Comment 5•19 years ago
|
||
It's unclear to me that this should become a stop ship bug. Since dan and jesse got cc'ed, can someone elaborate if this is a security issue? Time is running out for this bug which seems to have been idle since January. Leaving the nomination alone for right now pending some more information.
Comment 6•19 years ago
|
||
not a blocker until someone provides a compelling reason to take this so late in the game.
Flags: blocking1.8b5? → blocking1.8b5-
Comment 7•19 years ago
|
||
I believe it's a security bug to allow one site to affect where another site's window.open() calls put content. We have all sorts of checks to prevent just that, and this bug is about a way for a site to completely bypass all those checks. Of course I don't know whether that's a compelling reason, since I'm not clear what our blocker criteria are at this point.
Updated•16 years ago
|
Whiteboard: [sg:investigate]
Updated•15 years ago
|
Assignee: general → nobody
QA Contact: ian → general
Updated•15 years ago
|
Whiteboard: [sg:investigate] → [sg:low]
Updated•12 years ago
|
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•