Closed
Bug 415214
Opened 17 years ago
Closed 17 years ago
Sites can set cookies for TLDs which can be accessed by any other site in that TLD
Categories
(Core :: Security, defect)
RESOLVED DUPLICATE of bug 385299
People
(Reporter: wallfur+mozbugz, Assigned: dveditz)
Attachments
(1 file: 31.53 KB, image/png)
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-AU; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-AU; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6
A site (or sites) has been able to set two cookies on my computer for the top level domain:
.com.au
when the least amount of info to set a domain cookie should have been:
.somedomain.com.au
Reproducible: Didn't try
Expected Results:
Firefox should understand that .au is a country code, thus com.au is not a registrable domain and cookies cannot be set for it.
Comment 2•17 years ago
We've seen this before: bug 252342, bug 385299.
Comment 3•17 years ago
Yeah, this looks like a dupe of either of those bugs, which weren't fixed on the branch. I'm not sure how feasible it would be to backport the fix, but bug 385299 is marked wanted1.8.1.x+.
This is a well-known problem and doesn't need to be marked security-sensitive. I think we should open it and dupe it to bug 385299.
Assignee: nobody → dveditz
Group: security
Product: Firefox → Core
QA Contact: firefox → toolkit
Updated•17 years ago
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE
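The check described under Expected Results, as an added example (not Mozilla's code and not part of the original bug): a cookie's Domain attribute is refused when it is itself a public suffix such as com.au. The rule set is a small constructed excerpt and the function names are hypothetical; the lookup also handles the wildcard and exception rule forms of the Public Suffix List, which goes beyond the case in the report.

```javascript
// Constructed excerpt of public-suffix rules (assumption: a real client
// loads the full Public Suffix List instead of this sample).
const RULES = new Set(["com", "au", "com.au", "*.ck", "!www.ck"]);

// Public suffix of a host: the longest matching rule wins, "*" matches
// exactly one label, and a "!" rule cancels the wildcard for that name.
function publicSuffix(host) {
  const labels = host.toLowerCase().replace(/^\.+|\.+$/g, "").split(".");
  for (let i = 0; i < labels.length; i++) {
    const candidate = labels.slice(i).join(".");
    const parent = labels.slice(i + 1).join(".");
    if (RULES.has("!" + candidate)) return parent;
    if (RULES.has(candidate)) return candidate;
    if (parent && RULES.has("*." + parent)) return candidate;
  }
  return labels[labels.length - 1]; // no rule matched: last label only
}

// Hypothetical helper: may a response from requestHost set a cookie with
// this Domain attribute?
function acceptCookieDomain(requestHost, domainAttr) {
  const host = requestHost.toLowerCase();
  const domain = domainAttr.toLowerCase().replace(/^\./, "");
  // The cookie domain must be the host itself or one of its parents.
  if (host !== domain && !host.endsWith("." + domain)) return false;
  // A domain that is itself a public suffix (".com.au") is shared by
  // unrelated sites, so the cookie is refused.
  return publicSuffix(domain) !== domain;
}

console.log(acceptCookieDomain("www.somedomain.com.au", ".com.au"));            // false
console.log(acceptCookieDomain("www.somedomain.com.au", ".somedomain.com.au")); // true
```

RFC 6265 additionally permits a host-only cookie when the request host is identical to the public suffix; that case is not modeled here.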