Closed
Bug 359402
Opened 18 years ago
Closed 18 years ago
Loading remote images in RSS articles is broken
Categories
(Thunderbird :: General, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
Thunderbird2.0
People
(Reporter: mscott, Assigned: mscott)
References
Details
(Keywords: verified1.8.1.3)
Bug 330443 caused a regression on the trunk for RSS feeds which are loading the web page in an iframe.
i.e.
<iframe src="http url for the article">
the requesting location for the imae is the src of the iframe and not the mailbox url loading the message. We end up always denying the load because we can't get the information we need. Before 330443 we threw an error so the content policy manager ignored our reject request. After 330443 landed, we don't return an error so the reject decision takes place.
|
Assignee | |
Updated•18 years ago
|
Flags: blocking-thunderbird2+
|
||
Comment 1•18 years ago
|
||
Using version 3 alpha 1 (20061102) I see the exception below in the error console:
Error: uncaught exception: [Exception... "Security error" code: "1000" nsresult: "0x805303e8 (NS_ERROR_DOM_SECURITY_ERR)" location: "<unknown>"]
BUT..The html page in question does load, even with the error.
I'm only bringing this up due to the possibilty that the intended security restriction in #330443 is being ignored. I for one, indeed think that many of these
"security" changes are much too limiting, so personally don't care.
Just an FYI on the security implications.
Source for the rss feed:
<html>
<head>
<title>The Burning Mountain</title>
<base href="http://www.nasa.gov/multimedia/imagegallery/image_feature_690.html">
<style type="text/css">
body {
margin: 0;
border: none;
padding: 0;
}
iframe {
position: fixed;
top: 0;
right: 0;
bottom: 0;
left: 0;
border: none;
}
</style>
</head>
<body>
<iframe id ="_mailrssiframe" src="http://www.nasa.gov/multimedia/imagegallery/image_feature_690.html">
Over 120 million years ago, a single mass of granite punched through the Earth?s crust and intruded into the heart of the Namib Desert in what is now northern Namibia
</iframe>
</body>
</html>
|
|
Assignee | |
Comment 2•18 years ago
|
||
I've fixed this regression on the trunk as part of Bug 359479 which is a security bug that you can't see. sorry! But it should be fixed in tomorrow's builds.
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Comment 3•18 years ago
|
||
this got fixed on the branch as well when Bug 359479 landed there.
Keywords: fixed1.8.1.1
|
||
Comment 4•18 years ago
|
||
verified fixed 1.8.1.3 on Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.8.1.3) Gecko/20070326 Thunderbird/2.0.0.0 Mnenhy/0.7.5.0 ID:2007032620 - tested the remote images in RSS Articles and its working fine.
Keywords: fixed1.8.1.1 → verified1.8.1.3
You need to log in
before you can comment on or make changes to this bug.
Description
•