Open Bug 427016 Opened 13 years ago Updated 6 years ago
Screenshot paste feature in libeditor can reveal current windows user name
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5

As far as I understand, the current implementation of nsHTMLEditor::InsertFromTransferable, when the pasted content is an image (typically a screenshot), saves this image to %TEMP%\moz-screenshot.jpg and pastes an img src to the file://<$temp>/moz-screenshot into a control. On Win (at least 2K/XP), the %TEMP% directory typically contains the login name of the current user.

As far as I understand, libeditor is used by websites when they want to use a rich edit control. This leads to the fact that when a user tries to paste an image, a URL to the file in the %TEMP% directory is supplied to the web server.

Searching for http://www.google.ru/search?q=moz-screenshot+DOCUME~1 shows lots of results, so this is a frequent problem.

Reproducible: Always

Steps to Reproduce:
No easy steps to reproduce - I could not find a place which would allow using rich edit without needing to register. On livejournal.com it can easily be seen when creating a new post - switch to richedit, paste an image from the clipboard, switch to html and you will see <img src="file://"

Expected Results:
Ideally to use a temporary path which does not contain a user name inside. (C:\windows\temp on win?)
Component: Shell Integration → Editor
Product: Firefox → Core
Version: 3.0 Branch → unspecified
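How a site that accepts rich-edit HTML could detect and drop the leaked image reference described in this report, as an added example that is not part of the original report or of Mozilla's code. The function names and the sample markup (including the login names) are constructed for illustration.

```javascript
// Added example: server-side check for pasted-image file:// URLs in
// submitted rich-edit HTML. Names and sample data are assumptions.

// <img ... src="..."> or src='...' (quoted values, as editors emit them).
const IMG_SRC = /<img\b[^>]*?\ssrc\s*=\s*(["'])(.*?)\1[^>]*>/gi;

// Windows profile directories; the next path segment is the login name.
const PROFILE_DIR =
  /(?:^|[\/\\])(?:Documents and Settings|DOCUME~\d+|Users)[\/\\]([^\/\\]+)/i;

function decodePath(p) {
  // Percent-decoding can throw on malformed input; fall back to the raw text.
  try { return decodeURIComponent(p); } catch (e) { return p; }
}

// One record per <img> whose src points at the submitter's local disk.
// userName is null when the path holds no recognisable profile directory.
function findLocalFileImages(html) {
  const hits = [];
  for (const m of html.matchAll(IMG_SRC)) {
    const src = m[2].trim();
    if (!/^file:/i.test(src)) continue;
    const path = decodePath(src.replace(/^file:\/*/i, ""));
    const prof = PROFILE_DIR.exec(path);
    hits.push({ tag: m[0], src, userName: prof ? prof[1] : null });
  }
  return hits;
}

// Remove such <img> tags before the markup is stored or shown to others.
function stripLocalFileImages(html) {
  return html.replace(IMG_SRC, (tag, quote, src) =>
    /^file:/i.test(src.trim()) ? "" : tag);
}

// Constructed sample: "alice" is a made-up login name.
const SAMPLE =
  '<p>Look:</p>' +
  '<img src="file:///C:/DOCUME~1/alice/LOCALS~1/Temp/moz-screenshot.jpg">' +
  '<img alt="ok" src="https://example.com/a.png">';

console.log(findLocalFileImages(SAMPLE));
console.log(stripLocalFileImages(SAMPLE));
```

The image never reaches the server in this situation, only the path does, so removing the tag loses nothing other readers could have seen.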