Open Bug 314787 Opened 15 years ago Updated 13 years ago
Loading a page in a frameset from a popup fails if done by a different server: NS
_ERROR _DOM _PROP _ACCESS _DENIED
I confirm the uncaught exception, independently of whether the testcase is valid or not.
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Windows 2000 → All
Hardware: PC → All
I saw this error in my console when using today's minefield build, Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.9a8pre) Gecko/200708080404 Minefield/3.0a8pre. I hit it when visiting espn.go.com. I haven't seen this particular error previously in the console during my trunk testing.
I get this errror immediately in the console when I am testing espn.go.com. I am using Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.9a9pre) Gecko/2007092504 Minefield/3.0a9pre.
Version: unspecified → Trunk
can we get this fixed in trunk? STR: go to http://espn.go.com/, and open error console. Error: uncaught exception: unknown (can't convert to string) Error: uncaught exception: [Exception... "Access to property denied" code: "1010" nsresult: "0x805303f2 (NS_ERROR_DOM_PROP_ACCESS_DENIED)" location: "<unknown>"] Reproduced on: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.4; en-US; rv:1.9b1) Gecko/2007110903 Firefox/3.0b1
This bug may or may not be the same as the error on ESPN. I actually think this is invalid (if you could do this, it would be considered a same-origin hole, since host2 could replace host1's frame content, which could be very bad indeed). This error message basically means "the site tried to violate the security model of the browser" so unless we have a testcase that should work under same-origin there isn't a valid bug to be found...
Flags: blocking-firefox3? → blocking-firefox3-
Is there any known fix for this? This bug is clearly demonstrated at this URL: http://crypto.stanford.edu/~abarth/research/nav-pointer/frame1.html And also reported at https://bugzilla.mozilla.org/show_bug.cgi?id=418559 Please let me know if anyone got the fix for this. Thanks in advance Vivek Pohre
You need to log in before you can comment on or make changes to this bug.