Open Bug 427016 Opened 13 years ago Updated 6 years ago

Screenshot paste feature in libeditor can reveal current windows user name


(Core :: DOM: Editor, defect)

Windows XP
Not set





(Reporter: chtototam, Unassigned)




User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5

As far as I understand, the current implementation of nsHTMLEditor::InsertFromTransferable, when the pasted content is an image (typically a screenshot), saves this image to %TEMP%\moz-screenshot.jpg and pastes an img src to the file://<$temp>/moz-screenshot into a control.
On Win (at least 2K/XP), the %TEMP% directory typically contains the login name of the current user.
As far as I understand, libeditor is used by websites when they want to use a rich edit control. This leads to the fact that when a user tries to paste an image, a URL to the file in the %TEMP% directory is supplied to the web server.

Searching for shows lots of results -- so this is a frequent problem.

Reproducible: Always

Steps to Reproduce:
No easy steps to reproduce - I could not find a place which would allow using rich edit without needing to register.
On it can be easily seen when creating a new post - switch to richedit, paste image from clipboard, switch to html and you will see <img src="file://"

Expected Results:  
Ideally to use a temporary path, which does not contain a user name inside. (C:\windows\temp on win?)
Version: unspecified → 3.0 Branch
Component: Shell Integration → Editor
Product: Firefox → Core
Version: 3.0 Branch → unspecified
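
An added example, not part of the original report or Mozilla's code: a check that a site embedding a rich edit control could run on the editor's HTML before submitting it, flagging and blanking `file:` image sources such as the moz-screenshot path described in the report. The function names, the profile-directory patterns and the sample markup are assumptions constructed for illustration.

```javascript
// Added example: find and scrub local file: image references in rich-editor
// HTML before it is sent to a server. All names here are hypothetical.

// Matches <img ... src="..."> or src='...'; captures prefix, quote and URL.
const IMG_SRC = /(<img\b[^>]*?\bsrc\s*=\s*)(["'])(.*?)\2/gi;

// Windows profile roots whose next path segment is the login name:
// the 2K/XP layout (long and 8.3 short form) and the later C:\Users layout.
const PROFILE = /\/(?:Documents and Settings|DOCUME~\d|Users)\/([^\/]+)\//i;

// Returns one entry per <img> whose src is a file: URL, with the login
// name that the path would reveal (null if no profile directory is present).
function findLocalImageLeaks(html) {
  const leaks = [];
  for (const m of html.matchAll(IMG_SRC)) {
    const url = m[3].trim();
    if (!/^file:/i.test(url)) continue;
    let path;
    try {
      path = decodeURIComponent(url); // e.g. %20 -> space
    } catch {
      path = url; // malformed escapes: inspect the raw value instead
    }
    path = path.replace(/\\/g, "/");
    const user = PROFILE.exec(path);
    leaks.push({ url, userName: user ? user[1] : null });
  }
  return leaks;
}

// Blanks the src of every file: image so no local path leaves the browser.
function stripLocalImages(html) {
  return html.replace(IMG_SRC, (all, head, quote, url) =>
    /^\s*file:/i.test(url) ? `${head}${quote}${quote}` : all);
}

// Constructed sample markup, shaped like the editor output the report describes.
const sample =
  '<p>see</p>' +
  '<img alt="" src="file:///C:/DOCUME~1/alice/LOCALS~1/Temp/moz-screenshot.jpg">' +
  '<img src="https://example.org/logo.png">';

console.log(findLocalImageLeaks(sample));
console.log(stripLocalImages(sample));
```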