Closed Bug 418198 Opened 16 years ago Closed 16 years ago

data: protocol reveals cookies

Categories

(Firefox :: Security, defect)

defect
Not set
normal

Tracking

RESOLVED DUPLICATE of bug 255107

People

(Reporter: jakub, Unassigned)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; cs; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; cs; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12

A link to the data: protocol runs in the context of the page with the link. Thus it reveals the page's cookies and allows XSS.

Pages stored by the data: protocol should run in their own context.

Reproducible: Always

Steps to Reproduce:
1. Set a cookie on a page.
2. Link to data: protocol with <script>alert(document.cookie);</script>

Actual Results:  
Cookie is displayed.

Expected Results:  
No cookie is displayed.
Related to bug 255107?
Group: security
Status: UNCONFIRMED → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE
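
Added example, not part of the bug report or of Mozilla's code: given the behaviour reported above, a site that renders user-supplied links can refuse any target whose scheme is not on an allowlist, so data: links never reach the page. The names isSafeHref, sanitizeLinks, ALLOWED_SCHEMES and BASE are assumptions, and the sample links are constructed.

```javascript
// Added example; isSafeHref, sanitizeLinks, ALLOWED_SCHEMES and BASE are
// hypothetical names, and SAMPLE_LINKS is constructed input.
const ALLOWED_SCHEMES = new Set(["http:", "https:", "mailto:"]);
const BASE = "https://example.test/forum/thread/1"; // assumed page URL

// True only when the link resolves to an allowlisted scheme.
// The URL Standard parser trims leading control characters and spaces,
// drops embedded tabs and newlines, and lowercases the scheme, so
// obfuscated spellings of "data:" are normalised before the check.
function isSafeHref(href, baseUrl = BASE) {
  if (typeof href !== "string") return false;
  let parsed;
  try {
    parsed = new URL(href, baseUrl); // relative links resolve against the page
  } catch {
    return false; // unparseable input is rejected, not passed through
  }
  return ALLOWED_SCHEMES.has(parsed.protocol);
}

// Replace every rejected link target with an inert "#" and report it.
function sanitizeLinks(links) {
  const rejected = [];
  const cleaned = links.map((link) => {
    if (isSafeHref(link.href)) return link;
    rejected.push(link.href);
    return { ...link, href: "#" };
  });
  return { cleaned, rejected };
}

const SAMPLE_LINKS = [
  { text: "profile", href: "/users/42" },
  { text: "docs", href: "https://example.org/docs" },
  { text: "inline page", href: "data:text/html,<p>constructed</p>" },
  { text: "mixed case", href: "  DaTa:text/html,<p>constructed</p>" },
  { text: "embedded tab", href: "da\tta:text/html,<p>constructed</p>" },
];

const { cleaned, rejected } = sanitizeLinks(SAMPLE_LINKS);
console.log(cleaned.map((l) => l.href), rejected.length);
```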