Loading data: URLs from bookmarks shouldn't inherit principal

Status: NEW, Unassigned
Product: Firefox, Component: General
Opened 6 years ago, updated 2 years ago
Reporter: Jesse Ruderman
Blocks: 1 bug
Version: Trunk
Keywords: sec-want, testcase
Firefox Tracking Flags: Not tracked
Whiteboard: [sg:want]

(Reporter)

Description

6 years ago
1. In the address bar, enter 
  data:text/html,<script>alert(document.cookie)</script>

Result: shows Bugzilla cookie

Expected: show empty alert

(Figuring out what to do for *javascript:* URLs is controversial and covered in other bugs.)

(Changing the behavior of data: *links in web pages* is controversial and covered in other bugs.)
Gavin has a fix for the url bar case.
(Reporter)

Comment 2

6 years ago
Gavin's patch in bug 656433 fixes the address bar case.
Depends on: 656433
(In reply to comment #0)
> Result: shows Bugzilla cookie
> 
> Expected: show empty alert

Note that the patch in bug 656433 has slightly different expected results: no alert appears, because window.alert is undefined (there is no window object).
(Reporter)

Comment 4

6 years ago
That sounds quite strange. How does the data: document end up without a window object?
Gavin: that sounds odd. For javascript:, maybe, but data: should do the right thing.
Yes, sorry, I was confusing data: and javascript:. data: URIs show the alert, javascript: URIs don't.
Keywords: sec-want
(Reporter)

Updated

2 years ago
Duplicate of this bug: 1151272

Updated

2 years ago
Summary: Loading data: URLs from bookmarks or address bar shouldn't inherit principal → Loading data: URLs from bookmarks shouldn't inherit principal
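
An added example, not part of the bug report and not Mozilla's code: because this bug concerns data: bookmarks that render as an active document, the script below audits an exported bookmarks file for such entries. It assumes the Netscape bookmark HTML export format; the function names, the ACTIVE_TYPES list and the sample file are constructed for illustration.

```javascript
// Added example. Assumption: Netscape bookmark HTML export (<DT><A HREF="...">Title</A>).
// Media types a browser renders as an active document (illustrative list).
const ACTIVE_TYPES = new Set(["text/html", "application/xhtml+xml", "image/svg+xml",
  "text/xml", "application/xml"]);

// Split a data: URL header per RFC 2397: data:[<mediatype>][;base64],<data>
function parseDataUrl(url) {
  const m = /^data:([^,]*),/i.exec(url.trim());
  if (!m) return null; // no comma, so not a well-formed data: URL
  const params = m[1].split(";").map((s) => s.trim().toLowerCase());
  return { mime: params[0] || "text/plain", base64: params.includes("base64") };
}

// Classify one bookmark target by scheme and, for data:, by media type.
function classify(url) {
  const scheme = (/^\s*([a-z][a-z0-9+.-]*):/i.exec(url) || [])[1];
  if (!scheme) return "ok";
  if (scheme.toLowerCase() === "javascript") return "script-url";
  if (scheme.toLowerCase() !== "data") return "ok";
  const d = parseDataUrl(url);
  if (!d) return "malformed-data";
  return ACTIVE_TYPES.has(d.mime) ? "active-data" : "inert-data";
}

// Undo the attribute escaping used in the export; &amp; goes last.
const unescapeAttr = (s) => s.replace(/&quot;/g, '"').replace(/&lt;/g, "<")
  .replace(/&gt;/g, ">").replace(/&amp;/g, "&");

// Return every bookmark whose target can run script when opened.
function auditBookmarks(html) {
  const findings = [];
  for (const m of html.matchAll(/<A\s[^>]*?HREF="([^"]*)"[^>]*>([\s\S]*?)<\/A>/gi)) {
    const href = unescapeAttr(m[1]);
    const verdict = classify(href);
    if (verdict === "active-data" || verdict === "script-url") {
      findings.push({ title: m[2], verdict, href });
    }
  }
  return findings;
}

// Constructed sample export, not taken from the bug.
const SAMPLE = `<DL><p>
<DT><A HREF="https://bugzilla.mozilla.org/" ADD_DATE="1300000000">Bugzilla</A>
<DT><A HREF="data:text/html,&lt;script&gt;alert(document.cookie)&lt;/script&gt;" ADD_DATE="1300000001">cookie test</A>
<DT><A HREF="data:image/png;base64,iVBORw0KGgo=" ADD_DATE="1300000002">pixel</A>
<DT><A HREF="javascript:void(0)" ADD_DATE="1300000003">bookmarklet</A>
</DL><p>`;
console.log(auditBookmarks(SAMPLE));
```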