Bug 460001: XSS by using two event listeners
Status: VERIFIED FIXED (Opened 16 years ago, Closed 16 years ago)
Categories: (Core :: Security, defect, P1)
People: (Reporter: moz_bug_r_a4, Assigned: smaug)
Details: (Keywords: regression, verified1.9.1, Whiteboard: [sg:high] 1.9.1-branch only)
Attachments: (3 files)
- 1.02 KB, text/html
- 1.01 KB, text/html
- 4.72 KB, patch (sicking: review+, sicking: superreview+)
This is a trunk-only regression from bug 458202.
If there are two event listeners, and the first listener loads a new document,
the second listener can be called on the new document.
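The behaviour described above, as an added model that is not part of the original report and is not Gecko's code or the patch attached to this bug: one dispatcher keeps calling listeners after the first one replaces the document, the other stops once the document has changed. The `Target` class, both dispatch functions and the `a.example`/`b.example` origins are hypothetical and constructed for illustration.

```javascript
// Simplified model (assumption): a Target holds the currently loaded document
// and a list of listeners; navigate() swaps the document, as a page load would.
class Target {
  constructor(origin) {
    this.doc = { origin };
    this.listeners = [];
  }
  addListener(fn) { this.listeners.push(fn); }
  navigate(origin) { this.doc = { origin }; }
}

// Flawed dispatch: every listener in the snapshot runs against whatever
// document is current at call time, even if an earlier listener navigated.
function dispatchUnchecked(target) {
  const ranAgainst = [];
  for (const fn of [...target.listeners]) {
    ranAgainst.push(fn(target, target.doc));
  }
  return ranAgainst;
}

// Checked dispatch: remember the document the event was fired at and stop
// as soon as it is no longer the target's current document.
function dispatchChecked(target) {
  const ranAgainst = [];
  const startDoc = target.doc;
  for (const fn of [...target.listeners]) {
    if (target.doc !== startDoc) break; // document replaced mid-dispatch
    ranAgainst.push(fn(target, target.doc));
  }
  return ranAgainst;
}

// Constructed scenario: a page on origin A registers two listeners; the
// first loads a new document, the second reports the origin it ran against.
function scenario(dispatch) {
  const t = new Target("https://a.example");
  t.addListener((tgt, doc) => { tgt.navigate("https://b.example"); return doc.origin; });
  t.addListener((tgt, doc) => doc.origin);
  return dispatch(t);
}

console.log("unchecked:", scenario(dispatchUnchecked));
console.log("checked:  ", scenario(dispatchChecked));
```

A regression test for this class of bug asserts the second form: no listener registered by the old page runs once the document it was registered against has been replaced.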
Reporter | Comment 1 • 16 years ago
This tries to get cookies for www.mozilla.com.
This works on trunk.
Reporter | Comment 2 • 16 years ago
This tries to get cookies for www.mozilla.com.
This works on trunk.
Assignee | Comment 4 • 16 years ago
What can I say - my mistake!
Attachment #343204 - Flags: superreview?(jonas)
Attachment #343204 - Flags: review?(jonas)
Updated • 16 years ago
Flags: blocking1.9.1?
Whiteboard: [sg:high]
Comment on attachment 343204
backout the problematic part of bug 458202
It'd be good to get tests on this.
Attachment #343204 - Flags: superreview?(jonas)
Attachment #343204 - Flags: superreview+
Attachment #343204 - Flags: review?(jonas)
Attachment #343204 - Flags: review+
Assignee | Comment 6 • 16 years ago
(In reply to comment #5)
> (From update of attachment 343204)
> It'd be good to get tests on this.
Sure, after ff3.0.4 and ff3.1b2.
Assignee | Updated • 16 years ago
Status: NEW → RESOLVED
Closed: 16 years ago
Flags: in-testsuite?
Resolution: --- → FIXED
Updated • 16 years ago
Blocks: 458202
Flags: wanted1.9.0.x-
Flags: wanted1.8.1.x-
Keywords: regression
Whiteboard: [sg:high] → [sg:high] 1.9.1-branch only
Updated • 16 years ago
Group: core-security
Comment 7 • 16 years ago
http://hg.mozilla.org/mozilla-central/rev/4ebb5707950e was prior to branching.
Smaug, it would be very helpful if you listed changeset IDs or links when marking bugs FIXED.
From a visual point of view, what is the expected result of running these test cases?
Reporter | Comment 9 • 16 years ago
The expected result is no XSS alerts.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1pre) Gecko/20090526 Shiretoko/3.5pre -> XSS alerts do not appear.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1b2pre) Gecko/20081018 Minefield/3.1b2pre -> XSS alerts appear.
Comment 10 • 16 years ago
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1pre) Gecko/20090527 Shiretoko/3.5pre
Verified that no XSS alerts appear.
Status: RESOLVED → VERIFIED
Keywords: fixed1.9.1 → verified1.9.1
Assignee | Updated • 12 years ago
Flags: in-testsuite? → in-testsuite-