User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:22.214.171.124) Gecko/20060909 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:126.96.36.199) Gecko/20060909 If browser.chrome.site_icons and tabbed browsing is enabled and you retrieve an image via a script (uncached) the image is loaded twice. If you add a bookmark to the URL and retrieve it again it will be loaded three times from the webserver. Reproducible: Always Steps to Reproduce: 1. Put an arbitrary jpeg-image (named j.jpg) on your server. Enable CGI. 2. put the delivery script p.pl into the directory where you put the image: --- p.pl ---- #!/usr/bin/perl use CGI qw/:standard/; print header(-type => 'image/jpeg'); open(J,'<j.jpg'); read J, $b, 1000000; print $b; --- end p.pl --- 3. set browser.chrome.site_icons to true and retrieve the URL (p.pl) with firefox. Count the lines in the webserer log. 4. Bookmark the URL and retrieve the URL again. Count the lines in the webserver log. Actual Results: 3. 2 GETs are logged 4. 3 GETs are logged Expected Results: The image shall be loaded *once* regardless of site_icon settings or existence of bookmarks. Does this behaviour reveal whether the user has bookmarked some URL? Is this a potential privacy issue? Workaround: set browser.chrome.site_icons to false :-(
Not an exploit, clearing security-sensitive flag. Possible privacy issue.
Reporter, do you still see this problem with the latest Firefox 2? If not, can you please close this bug as WORKSFORME. Thanks!
Please reopen this bug if it appears with a recent version of firefox 3 in a new profile. http://support.mozilla.com/kb/Profiles