Open Bug 427016 Opened 13 years ago Updated 6 years ago

Screenshot paste feature in libeditor can reveal current windows user name

Categories

(Core :: DOM: Editor, defect)

x86
Windows XP
defect
Not set
minor

Tracking

()

UNCONFIRMED

People

(Reporter: chtototam, Unassigned)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5

As far as I understand, the current implementation of nsHTMLEditor::InsertFromTransferable, when the pasted content is an image (typically a screenshot), saves this image to %TEMP%\moz-screenshot.jpg and pastes an img src pointing to file://<$temp>/moz-screenshot into the control.
On Win (at least 2K/XP), the %TEMP% directory typically contains the login name of the current user.
As far as I understand, libeditor is used by websites when they want to use a rich edit control. This means that when a user tries to paste an image, a URL to the file in the %TEMP% directory is supplied to the web server.

Searching for http://www.google.ru/search?q=moz-screenshot+DOCUME~1 shows lots of results -- so this is a frequent problem

Reproducible: Always

Steps to Reproduce:
No easy steps to reproduce - I could not find a place that would allow using rich edit without needing to register.
On livejournal.com it can be easily seen when creating a new post - switch to richedit, paste image from clipboard, switch to html and you will see <img src="file://"


Expected Results:  
Ideally to use a temporary path, which does not contain a user name inside. (C:\windows\temp on win?)
Version: unspecified → 3.0 Branch
Component: Shell Integration → Editor
Product: Firefox → Core
Version: 3.0 Branch → unspecified
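
A site that accepts rich-edit HTML can check submissions for the leak described in this report before storing or publishing them. The following is an added example, not code from the reporter or from Mozilla; the function names, the profile-directory patterns and the sample markup are assumptions constructed for illustration.

```javascript
// Added example: flag and neutralise file:// image sources in editor-submitted HTML.
// Matches <img ... src="..."> with either quote style; \s before src avoids data-src.
const IMG_SRC = /<img\b[^>]*?\ssrc\s*=\s*(["'])(.*?)\1[^>]*>/gi;
// Assumed typical Windows profile roots; the next path segment is the login name.
const PROFILE = /\/(?:Documents and Settings|DOCUME~1|Users)\/([^\/]+)\//i;

// Returns one entry per file:// image, with the user name if the path exposes one.
function findLocalImageLeaks(html) {
  const leaks = [];
  for (const m of html.matchAll(IMG_SRC)) {
    const src = m[2].trim();
    if (!/^file:/i.test(src)) continue;
    let path;
    try { path = decodeURIComponent(src); } catch { path = src; } // tolerate bad %-escapes
    path = path.replace(/\\/g, "/");
    const user = PROFILE.exec(path);
    leaks.push({ src, userName: user ? user[1] : null });
  }
  return leaks;
}

// Drops every <img> whose src is a file:// URL and leaves other images untouched.
function stripLocalImages(html) {
  return html.replace(IMG_SRC, (tag, quote, src) =>
    /^file:/i.test(src.trim()) ? "" : tag);
}

// Constructed sample input (user names "alice" and "bob" are made up).
const SAMPLE =
  '<p>hi</p>' +
  '<img src="file:///C:/DOCUME~1/alice/LOCALS~1/Temp/moz-screenshot.jpg">' +
  '<img alt="x" src="https://example.com/a.png">' +
  "<img src='file:///C:/Documents%20and%20Settings/bob/Local%20Settings/Temp/moz-screenshot-1.jpg'>";

for (const leak of findLocalImageLeaks(SAMPLE)) {
  console.log(`local image path submitted, user name exposed: ${leak.userName}`);
}
console.log(stripLocalImages(SAMPLE));
```
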