Last Comment Bug 341494 - phishing: target of "nested link" depends on mouse button used when clicking
: phishing: target of "nested link" depends on mouse button used when clicking
Status: RESOLVED FIXED
[sg:low spoof]
:
Product: Core
Classification: Components
Component: DOM: Core & HTML (show other bugs)
: 1.8 Branch
: x86 Linux
: -- normal (vote)
: ---
Assigned To: general
:
Mentors:
http://www.student.informatik.tu-darm...
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2006-06-14 03:28 PDT by tsattler
Modified: 2011-07-25 13:52 PDT (History)
1 user (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments

Description tsattler 2006-06-14 03:28:46 PDT
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; de; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8b2) Gecko/20050702

leftclick opens one URL, middleclick another after js was used to change

<a href="http://www.heise.de">
  <img src="http://www.heise.de/icons/ho/heise.gif">
</a>

to

<a href="http://www.heise.de">
  <a href="http://www.google.de">
    <img src="http://www.heise.de/icons/ho/heise.gif">
  </a>
</a>


Reproducible: Always

Steps to Reproduce:
click on the image with left/middle mousebutton
Actual Results:  
different sites are opened

Expected Results:  
both should act the same

happens with vanilla nightly build
could possibly used for phishing
Comment 1 timeless 2006-07-10 00:54:59 PDT
i'd rather this bug be public so that it would get some attn and maybe be fixed.
Comment 2 Jesse Ruderman 2011-07-25 13:52:18 PDT
Fixed in bug 331959, I believe. Both methods go to the inner link now.

Note You need to log in before you can comment on or make changes to this bug.