Closed Bug 460001 Opened 16 years ago Closed 16 years ago

XSS by using two event listeners

Categories

(Core :: Security, defect, P1)

x86
Windows XP
defect

Tracking

()

VERIFIED FIXED

People

(Reporter: moz_bug_r_a4, Assigned: smaug)

References

Details

(Keywords: regression, verified1.9.1, Whiteboard: [sg:high] 1.9.1-branch only)

Attachments

(3 files)

This is a trunk-only regression from bug 458202. If there are two event listeners, and the first listener loads a new document, the second listener can be called on the new document.
This tries to get cookies for www.mozilla.com. This works on trunk.
This tries to get cookies for www.mozilla.com. This works on trunk.
bah.
Assignee: nobody → Olli.Pettay
What can I say - my mistake!
Attachment #343204 - Flags: superreview?(jonas)
Attachment #343204 - Flags: review?(jonas)
Flags: blocking1.9.1?
Whiteboard: [sg:high]
Comment on attachment 343204 [details] [diff] [review] backout the problematic part of bug 458202 It'd be good to get tests on this.
Attachment #343204 - Flags: superreview?(jonas)
Attachment #343204 - Flags: superreview+
Attachment #343204 - Flags: review?(jonas)
Attachment #343204 - Flags: review+
(In reply to comment #5) > (From update of attachment 343204 [details] [diff] [review]) > It'd be good to get tests on this. Sure, after ff3.0.4 and ff3.1b2.
Status: NEW → RESOLVED
Closed: 16 years ago
Flags: in-testsuite?
Resolution: --- → FIXED
Blocks: 458202
Flags: wanted1.9.0.x-
Flags: wanted1.8.1.x-
Keywords: regression
Whiteboard: [sg:high] → [sg:high] 1.9.1-branch only
Group: core-security
http://hg.mozilla.org/mozilla-central/rev/4ebb5707950e was prior to branching. Smaug, it would be very helpful if you listed changeset IDs or links when marking bugs FIXED.
Flags: blocking1.9.1? → blocking1.9.1+
Keywords: fixed1.9.1
Priority: -- → P1
From a visual point of view, what is the expected result of running these test cases?
The expected result is no XSS alerts. Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1pre) Gecko/20090526 Shiretoko/3.5pre -> XSS alerts do not appear. Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1b2pre) Gecko/20081018 Minefield/3.1b2pre -> XSS alerts appear.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1pre) Gecko/20090527 Shiretoko/3.5pre Verified that no XSS alerts appear.
Status: RESOLVED → VERIFIED
Flags: in-testsuite? → in-testsuite-
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: