Closed
Bug 304133
Opened 19 years ago
Closed 19 years ago
Iframe inside an absolute positioned div crashes Browser
Categories
(Firefox :: Security, defect)
Tracking
()
VERIFIED
WORKSFORME
People
(Reporter: matias.muhonen, Unassigned)
References
()
Details
(Keywords: crash, Whiteboard: DUPEME?)
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6 An iframe inside an absolute positioned parent div and a div serving as a 'close button'. The 'close button' div must be also absolute positioned inside the parent div. Removing the parent div from document body causes a fatal crash if the iframe is active. <body> <div id="a" style="position:absolute"> <iframe></iframe> <div style="position:absolute" onmousemove="document.body.removeChild(document.getElementById('a'))"> 1. click iframe 2. move mouse here </div> </div> </body> Reproducible: Always Steps to Reproduce: 1. Open the attached document 2. Click the iframe in the document 3. Move cursor inside the "move mouse here" text Actual Results: The browser crashes immediately Expected Results: The div should be hided
Comment 1•19 years ago
|
||
No crash for me, Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8b4) Gecko/20050808 Firefox/1.0+ This doesn't sound like a security hole to me. Some crashes are security holes, such as buffer overflows or crashes that affect server software, but most aren't.
Group: security
Keywords: crash
Comment 2•19 years ago
|
||
Crashes 1.0.6 but not Deer Park (trunk). The crash was executing address 0x00000000, which isn't a security issue that would cause a branch re-spin.
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → WORKSFORME
Whiteboard: DUPEME?
Version: unspecified → 1.0 Branch
Comment 3•19 years ago
|
||
<- VERI. v1.0.x is for security releases, and as per comment 2, this isn't a security issue.
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•