Closed
Bug 561071
Opened 15 years ago
Closed 15 years ago
Dropping a link to contentsarea security policy is different from Branch build
Categories
(Toolkit Graveyard :: Security, defect)
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: alice0775, Unassigned)
References
Details
No description provided.
|
Reporter | |
Comment 1•15 years ago
|
||
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.3a5pre) Gecko/20100421 Minefield/3.7a5pre ID:20100421041252
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.3a5pre) Gecko/20100421 Minefield/3.7a5pre ID:20100421041252
Droping a link to contentsarea security policy is different from Branch build.
is this the behavior is by design?
Reproducible: Always
Steps to Reproduce:
1. Start Minefield with new profile.
2. Create a bookmark 'about:config' on bookmarks toolbar
3. Open http://www.mozilla.org/projects/minefield/
4. Drag and drop the created bookmarks 'about:config' onto contentsarea.
Actual Results:
about:config page will be open in current tab
Expected Results:
should denined. and logged as follows.
"Security Error: Content at chrome://browser/content/browser.xul may not load or link to about:config."
Blocks: 545714
|
|
Reporter | |
Updated•15 years ago
|
Status: NEW → UNCONFIRMED
Ever confirmed: false
|
|
||
Comment 2•15 years ago
|
||
This security check is Firefox/toolkit code, not core. Gavin's touched this recently so might know whether this was on purpose.
Component: Drag and Drop → Security
Product: Core → Toolkit
QA Contact: drag-drop → toolkit
|
|
Reporter | |
Updated•15 years ago
|
Summary: Droping a link to contentsarea security policy is different from Branch build → Dropping a link to contentsarea security policy is different from Branch build
|
||
Comment 3•15 years ago
|
||
Sounds like this may be a regression of bug 546909 caused by bug 545714.
|
|
||
Comment 4•15 years ago
|
||
Well, not of bug 546909 directly. The key difference here may be that the bookmark itself is being dropped, rather than just a URL.
|
||
Comment 5•15 years ago
|
||
Gavin, is there a bug here?
Dragging an about: url from the bookmarks toolbar to the content area doesn't seem like it would intentionally be prevented.
|
|
||
Comment 6•15 years ago
|
||
Yeah, I guess this is actually a fix. Bug 546909 wasn't regressed.
|
|
||
Updated•15 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → INVALID
|
|
Reporter | |
Comment 7•15 years ago
|
||
So, Is the behavior intentional?
|
|
||
Comment 8•15 years ago
|
||
Yes. Do you see a problem with that?
|
|
Reporter | |
Comment 9•15 years ago
|
||
No ploblem.
But I am uneasy using Firefox.
Thanks.
|
Assignee | |
Updated•9 years ago
|
Product: Toolkit → Toolkit Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•