All users were logged out of Bugzilla on October 13th, 2018

When opening a target=_blank link, "about:blank" appears in URL bar until page loads

VERIFIED DUPLICATE of bug 610357

Status

()

VERIFIED DUPLICATE of bug 610357
8 years ago
2 years ago

People

(Reporter: jruderman, Unassigned)

Tracking

({dataloss, ux-implementation-level})

Trunk
x86
Mac OS X
dataloss, ux-implementation-level
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment, 1 obsolete attachment)

(Reporter)

Description

8 years ago
Created attachment 497886 [details]
testcase

To reproduce: Click a link with target=_blank.

Result: The URL bar in the new tab shows about:blank until the server responds. This is either janky or datalossy, depending on how quickly the server responds.

Expected: The URL bar in the new tab should immediately show the URL to be loaded.
(Reporter)

Comment 1

8 years ago
Created attachment 497890 [details]
testcase with a mix of fast and slow sites
Attachment #497886 - Attachment is obsolete: true

Comment 2

8 years ago
Note that showing the URL before the content loads in a new window is dangerous if the attacker can get handle of that window, and if about:blank is same-origin with the opener. You fixed CVE-2010-1206 not long ago:

http://lcamtuf.blogspot.com/2010/06/yeah-about-that-address-bar-thing.html

Even if stopping the navigation is not possible, it's still a rather bad design to show malicious content while URL bar suggests a different origin and the throbber is spinning.

So you should probably either limit this logic to cases where attacker can't get window handle (e.g., target=_blank); or make SOP checks fail against about:blank in this navigation scenario.

Updated

8 years ago
Status: NEW → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 610357
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.