Closed Bug 27182 Opened 26 years ago Closed 26 years ago

Back vulnerability

Categories

(Core :: Security, defect, P3)

Product:
Core
Component:
Security
Platform:
x86
Windows 98
Type:
defect

Tracking

()

Status:
VERIFIED WORKSFORME

People

(Reporter: norrisboyd, Assigned: norrisboyd)

References

(
URL
)

Details

Subject: BUG: Back vulnerability Date: Wed, 09 Feb 2000 16:27:54 +0200 From: Georgi Guninski <joro@nat.bg> To: Norris Boyd <norris@netscape.com> There is a vulnerability regarding the "Back" function. The problem is: first, set the current window location to JavaScript code that accesses the DOM, then clicking on a link to another page and finally going back executes the JavaScript code, which has access to the DOM of the last loaded document. The code is: -------------------------------------------------------------------------------- ---- <SCRIPT> location="javascript:alert('The first link is: '+document.links[0].href);"; </SCRIPT> <A HREF="http://www.yahoo.com">Click here, then when the page is loaded go back</A>
URL: http://warp/u/norris/tests/back1.html
Group: netscapeconfidential?
Status: NEW → ASSIGNED
Target Milestone: M15
Bulk moving all Browser Security bugs to new Security: General component. The previous Security component for Browser will be deleted.
Component: Security → Security: General
I now get the following error: JavaScript Error: access disallowed from scripts at http://warp to documents at another domain
Status: ASSIGNED → RESOLVED
Closed: 26 years ago
Resolution: --- → WORKSFORME
Group: netscapeconfidential?
Verified fixed.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.