Closed
Bug 343686
(mobb-4)
Opened 18 years ago
Closed 17 years ago
Remain in design mode after demonstration of MFSA2006-30
Categories
(Core :: DOM: Editor, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: normansandbox, Unassigned)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1a3) Gecko/20060526 BonEcho/2.0a3
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1a3) Gecko/20060526 BonEcho/2.0a3
When I came across this website, I found exploit code with PoC code for Mozilla FIrefox or MFSA2006-30. When I executed this PoC on version 1.5.0.4, it seems liked nothin happened. Now when I executed this code on Ff 2.0a3, the code broke ALL hyper links.
Reproducible: Always
Steps to Reproduce:
1.Go to http://browserfun.blogspot.com, look for MoBB #4: Mozilla Firefox DesignMode and click the demo link.
2.Click the start demo button
3.Wait for a box to show up and dissappear and have the start demo button appear again
4.Go back to http://browserfun.blogspot.com and notice all hyper links are non clickable now or broken
Actual Results:
ALL HYPER LINKS ARE BROKEN
Expected Results:
the software should have not broken the hyper links like 1.5.0.4 does
http://browserfun.blogspot.com/
|
||
Comment 1•18 years ago
|
||
The bug is that you remain in design mode after the demonstration code... Happens to me in FF1.5.0.4 as well, and still happens in a 20060705 BonEcho build.
This may be a dupe of bug 287707, or at least blocks/depends on it. This is the issue noted in bug 331981 comment 19
Alias: mobb-4
Status: UNCONFIRMED → NEW
Component: General → Editor
Depends on: 287707
Ever confirmed: true
Product: Firefox → Core
QA Contact: general
Summary: HYPER LINKS BREAK WHEN EXPLOIT CODE FOR MFSA2006-30 IS INTRODUCED → Remain in design mode after demonstration of MFSA2006-30
Whiteboard: DUPEME
Version: unspecified → 1.8 Branch
|
|
||
Updated•18 years ago
|
Flags: blocking1.8.1?
I also noticed when I ran this demo, typed in gmail.com and went to login section, When I clicked the login field, Ff gave me the ability to resize and edit or delete anything on the page. Very Weird
|
||
Comment 3•18 years ago
|
||
Clearing the flag - if there is a safe/easy patch we'd take prior to b2
Flags: blocking1.8.1?
|
||
Updated•18 years ago
|
QA Contact: editor
|
||
Comment 5•17 years ago
|
||
This is now worksforme, using:
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a6pre) Gecko/20070630 Minefield/3.0a6pre
Fixed by bug 237964.
(Note that this won't be fixed on the 1.8 branch, so it wouldn't make sense to keep this bug open for that)
Status: NEW → RESOLVED
Closed: 17 years ago
Depends on: contenteditable
Resolution: --- → FIXED
Version: 1.8 Branch → Trunk
|
||
Updated•17 years ago
|
Flags: in-testsuite?
You need to log in
before you can comment on or make changes to this bug.
Description
•