Closed Bug 56967 Opened 24 years ago Closed 24 years ago

Fails to execute javascripts which eliminates frame.

Categories

(Core :: Security, defect, P3)

Product:
Core
Component:
Security
Platform:
x86
Windows 95
Type:
defect

Tracking

()

Status:
VERIFIED DUPLICATE of bug 56053

People

(Reporter: simon, Assigned: security-bugs)

References

(
URL
)

Details

From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows 95)
BuildID:    2000101408

The page http://www.simifilm.com redirects the browser to 
http://www.simifilm.ch and generates a frame containing an ad. The 
javascript "if (window != top) top.location.href = location.href;" should 
eliminate this frame. This works under IE5/IE5.5/Opera and iCab, but using 
Mozilla the frame remains. A detail which makes me believe that this bug maybe 
is'nt related to javascript: Mozilla still displays the URL www.simifilm.org 
when it should be www.simifilm.ch


Reproducible: Always
Steps to Reproduce:
1.Load http://www.simifilm.org
2.Do the same in another browser and compare the results.
3.

Actual Results:  The ad is still visible.                   

Expected Results:  There should be no frame.
Assignee: rogerl → mstoltz
Component: Javascript Engine → Security: General
QA Contact: pschwartau → czhang
I am seeing Security errors in the JavaScript console on the redirect. 
Reassigning to Security:General for further triage. The errors are:


Error: 
Source File: http://www.simifilm.ch/
Line:        33


Error:    uncaught exception: [Exception... "Access to property denied" 
code:     1010
nsresult: NS_ERROR_DOM_PROP_ACCESS_DENIED
location: http://www.simifilm.ch/
line:     33


I think this is a known bug. Checking it out...
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
QA Contact: czhang → junruh
*** Bug 56132 has been marked as a duplicate of this bug. ***
Mass changing QA to ckritzer.
QA Contact: junruh → ckritzer
there's a bug here about writing to location.href, but aside from that, you
should never be able to *read* location.href cross-domain. To "break out" of a
frame, use 
if(window == window.top) 
rather than 
if (window.location.href = window.top.location.href)
which is often a security violation.


*** This bug has been marked as a duplicate of 56053 ***
Status: ASSIGNED → RESOLVED
Closed: 24 years ago
Resolution: --- → DUPLICATE
Marking VERIFIED FIXED per Mitch's comments & 56053
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.