Open Bug 345208 Opened 18 years ago Updated 2 years ago

Frame page causes my javascript menu to fail

Categories

(Core :: DOM: Core & HTML, defect, P5)

Product:
Core
Component:
DOM: Core & HTML
Platform:
x86
Windows XP
Type:
defect

Tracking

()

Status:
UNCONFIRMED

People

(Reporter: laven, Unassigned)

References

(
URL
)

Details

(Keywords: testcase) 

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4

The javascript dropdown menu works on all other pages except when I go into this frame page (http://www.starkmann.com/whatFrms.htm) and click on what one of the graphic links and then select another page from the dropdown menu nothing happens. I tried the same in IE and all working fine. Please check and fix this bug as most of our customers use MozillaFirefox.

Reproducible: Always

Steps to Reproduce:
1.goto http://www.starkmann.com/whatFrms.htm
2.select a graphic link (e.g London2012)
3.from the the dropdown menu, select another page
4.you'll notice that nothing happen.
Actual Results:  
nothing happens

Expected Results:  
goto the selected page
When 'nothing happens' I get this in the error console:
Error: uncaught exception: Permission denied to get property Window._top

I'm thinking it's a cross-site scripting restriction because the two frames have content from different servers.  
Yes, the function ig_searchFrames in ig_shared.js is buggy:
	function ig_searchFrames(frame, targetFrame) {
		if(frame.frames[targetFrame] != null)
			return frame.frames[targetFrame];
		var i;
		for(i=0; i<frame.frames.length; i++) {
			var subFrame = ig_searchFrames(frame.frames[i], targetFrame);
			if(subFrame != null)
				return subFrame; 
		}
		return null;
	}
See the most inner loop. It expect to be able to get the property '_top' of any window, also from other domains. This is not possible in Mozilla and raises an exception. So the script should have a try..catch here.
It works in IE6, but that means that with IE6, webmasters are able to get random properties of other windows with a different domain from the user, which is a security issue in IE6, I suspect.

See also http://wargers.org/mozilla/test/frametest/framesdomain.htm for an example.
The 3rd alert should not happen, you should get a security exception instead.
(In reply to comment #2)
> It works in IE6, but that means that with IE6, webmasters are able to get
> random properties of other windows with a different domain from the user, which
> is a security issue in IE6, I suspect.

Ah no, that's not true, this example of the property 'martijn' doesn't work in IE6 also: http://wargers.org/mozilla/test/frametest/framesdomain2.htm
So apparently, IE6 is returning undefined for properties that are not defined in the frame: http://wargers.org/mozilla/test/frametest/framesdomain.htm
But as soon as some script has defined the property in the frame, then the property is not accessible anymore in the other frame in IE and you get an exception: http://wargers.org/mozilla/test/frametest/framesdomain2.htm

So maybe we should be compatible with IE6 here.
But there are some reasons mentioned in bug 158049, why this is probably not a good idea.
Assignee: nobody → general
Component: General → DOM
Keywords: testcase
Product: Firefox → Core
QA Contact: general → ian
Version: unspecified → Trunk
Assignee: general → nobody
QA Contact: ian → general
https://bugzilla.mozilla.org/show_bug.cgi?id=1472046

Move all DOM bugs that haven’t been updated in more than 3 years and has no one currently assigned to P5.

If you have questions, please contact :mdaly.
Priority: -- → P5
Component: DOM → DOM: Core & HTML
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.