Closed Bug 78191 Opened 25 years ago Closed 25 years ago

about: -> about:credits doesn't display

Categories

(Core :: Security, defect)

Product:
Core
Component:
Security
Type:
defect
Priority:
Not set
Severity:
minor

Tracking

()

Status:
VERIFIED DUPLICATE of bug 77203

People

(Reporter: lidl, Assigned: security-bugs)

References

(
URL
)

Details

If one starts a fresh build of the browser (In my case, a pull of the 0.9 cvs branch from last night.) with the home page of about:blank. Then type in "about:" into the location bar. This displays normally. Then click on the Contributors link of the displayed page. Nothing changes -- ie, the link is not followed. If you middle-mouse click (open in new window) the link, it will start a new browser window and show the about:credits page. Typing in "about:credits" into the location bar works too... I'm not sure if this is the same bug as 60541 or not -- I certainly don't have to fiddle with my debug menu to have it occur every time. -Kurt
*** Bug 78192 has been marked as a duplicate of this bug. ***
Right... In a debug build, the console says: The link to about:credits was blocked by the security manager. Remote content may not link to local content. Which is the problem. "about:" should not be "remote content". Or "about:credits" should not be "local content". os=platform=all. settins status to new. See also bug 40024
Assignee: asa → blakeross
Status: UNCONFIRMED → NEW
Component: Browser-General → XP Apps: GUI Features
Ever confirmed: true
Keywords: mozilla0.9.1
OS: BSDI → All
QA Contact: doronr → sairuh
Hardware: Other → All
Mitch, can you help?
Note that you get the same message when you click on the URL: link from bugzilla (http->about). Why is about:* restricted? (The reason that about: can't load about:blank is because the sourcespec is resource:///chrome/en-US.jar, so the same-protocol check fails. It also references a chrome: url as an img source, which will probably fail one of these days)
I'll fix this. I restricted about: URLs a bit because of a possible exploit.
Assignee: blakeross → mstoltz
QA Contact: sairuh → ckritzer
Component-> Security: General
Component: XP Apps: GUI Features → Security: General
dub of bug 77203 due it has a patch.
Good catch *** This bug has been marked as a duplicate of 77203 ***
Status: NEW → RESOLVED
Closed: 25 years ago
Resolution: --- → DUPLICATE
Marking VERIFIED DUPLICATE.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.