Closed Bug 291838 Opened 20 years ago Closed 20 years ago

Navigating backwards can cause cross site scripting

Categories

(Firefox :: Security, defect)

Product:
Firefox
Component:
Security
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED DUPLICATE of bug 291745

People

(Reporter: pvnick, Assigned: dveditz)

References

(
URL
)

Details

(Whiteboard: [sg:dupe 291745]) 

User-Agent:       Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)
Build Identifier: http://download.mozilla.org/?product=firefox-1.0.3&os=win&lang=en-US

When navigating away from a specially crafted javascript:[script] page, one 
can press "Back" to reexecute the javascript in the context of the new site.

Reproducible: Always

Steps to Reproduce:
1. http://greyhatsecurity.org/vulntests/more/cookies.htm
2. wait for the page to load
3. click the link
4. after google loads, press "Back" on the navigation toolbar
5. Javascript executed
Actual Results:  
cross site scripting in the context of google

Expected Results:  
javascript should not be saved in the history (this is a common security 
precaution, so it would not cause any 3rd party apps to break)

internet explorer does not allow javascript:[script] pages to be saved in the 
history as this was an issue for that browser a while back
Am I missing something? Looks like a dupe to me.

*** This bug has been marked as a duplicate of 291745 ***
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
Whiteboard: [sg:dupe 291745]
Group: security
You need to log in before you can comment on or make changes to this bug.