Location bar "Go" button is not subject to the javascript: URL security changes in bug 656433

VERIFIED FIXED in Firefox 6

Status

()

Firefox
Location Bar
VERIFIED FIXED
6 years ago
6 years ago

People

(Reporter: Jesse Ruderman, Assigned: Gavin)

Tracking

(Blocks: 1 bug)

Trunk
Firefox 6
x86
Mac OS X
Points:
---
Dependency tree / graph
Bug Flags:
in-testsuite +

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment, 1 obsolete attachment)

(Reporter)

Description

6 years ago
(split from bug 658220)
Created attachment 533818 [details] [diff] [review]
patch
Assignee: nobody → gavin.sharp
Status: NEW → ASSIGNED
Attachment #533818 - Flags: review?(dao)
Comment on attachment 533818 [details] [diff] [review]
patch

>+          function loadCurrent(url, postData) {
>+            // Pass LOAD_FLAGS_DISALLOW_INHERIT_OWNER to prevent any loads from
>+            // inheriting the currently loaded document's principal.
>+            let flags = Ci.nsIWebNavigation.LOAD_FLAGS_ALLOW_THIRD_PARTY_FIXUP |
>+                        Ci.nsIWebNavigation.LOAD_FLAGS_DISALLOW_INHERIT_OWNER;
>+            gBrowser.loadURIWithFlags(url, flags, null, null, postData);
>+          }

>+              loadCurrent(url, postData);

>+            loadCurrent(url, postData);

It looks like url and postData are already in loadCurrent's scope and don't need to be passed in.
Attachment #533818 - Flags: review?(dao) → review+
Created attachment 533851 [details] [diff] [review]
updated patch
Attachment #533818 - Attachment is obsolete: true
http://hg.mozilla.org/mozilla-central/rev/e5663e0e20b3
Status: ASSIGNED → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
Flags: in-testsuite+
Target Milestone: --- → Firefox 6

Updated

6 years ago
Depends on: 672813
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:6.0) Gecko/20100101 Firefox/6.0

Verified issue on Mac OS X 10.6. "Go" button is no longer a subject to the javascript: URL.

Setting resolution to VERIFIED FIXED.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.