Closed
Bug 576875
Opened 14 years ago
Closed 14 years ago
Possible Location bar Spoofing using location.reload on the <body>
Categories
(Core :: General, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: jordi.chancel, Unassigned)
Details
(Whiteboard: [sg:needinfo])
Attachments
(1 file)
|
92 bytes,
text/html
|
Details |
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; fr; rv:1.9.2.7) Gecko/20100701 Firefox/3.6.7 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.1; fr; rv:1.9.2.7) Gecko/20100701 Firefox/3.6.7 When you are on an web-adress and load a 2nd adresse that contains location.reload() on the <body> , they change the document.location and steal the content of previous web page Example : <html> <body onload="location.reload();"> </body> </html> Reproducible: Sometimes Steps to Reproduce: 1.enter a first address 2.enter a second address with location.reload on the body Actual Results: the location bar is spoofed Vulnerability found by Jordi Chancel & 599eme Man
|
||
Comment 1•14 years ago
|
||
I'm not sure I follow. location.reload on a page will .... reload that page. What's the issue?
|
Reporter | |
Comment 2•14 years ago
|
||
TestCase 1
|
||
Comment 3•14 years ago
|
||
Can you give more precise steps to reproduce, and describe the incorrect result we should be looking for? I didn't see anything obviously wrong when I clicked the link in the testcase.
|
|
||
Updated•14 years ago
|
Whiteboard: [sg:needinfo]
|
||
Comment 4•14 years ago
|
||
I think we all agree we don't see anything wrong with your testcase.
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → WORKSFORME
|
||
Updated•9 years ago
|
Group: core-security → core-security-release
|
|
||
Updated•9 years ago
|
Group: core-security-release
You need to log in
before you can comment on or make changes to this bug.
Description
•