Open
Bug 837791
Opened 12 years ago
Updated 7 months ago
window.open("javascript… opens window with URL shown as "about:blank". // Fake site with URL about:blank
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
NEW
People
(Reporter: skyskif, Unassigned)
Details
(Keywords: regression, reproducible, testcase, Whiteboard: DUPEME?)
Attachments
(1 file, 1 obsolete file)
|
190 bytes,
text/html
|
Details |
User Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.57 Safari/537.17
Steps to reproduce:
If the method window.open put URL type "javascript:" window will be opened URL "about: blank", which can confuse the user and recognizes them as brakes browser.
Actual results:
In the open window URL "about: blank" with html
Expected results:
In the open window URL "javascript:...."
|
Reporter | |
Comment 1•12 years ago
|
||
This is not just incorrect display URL, ie "about: blank", which is very dangerous if suddenly you can display the file in the "about: blank" it will lead to the theft of the file.
|
||
Updated•12 years ago
|
Group: core-security
|
||
Updated•12 years ago
|
Attachment #709800 -
Attachment mime type: text/plain → text/html
|
||
Comment 2•12 years ago
|
||
Confirmed with 2013-02-04-03-09-41-mozilla-central-firefox-21.0a1.ru.linux-x86_64
Regression range:
WFM: 2008-11-15-01-mozilla-central-firefox-3.1b2pre.en-US.linux-x86_64
WFM: 2008-11-18-01-mozilla-central-firefox-3.1b2pre.en-US.linux-x86_64
bug: 2008-11-19-15-mozilla-central-firefox-3.1b2pre.en-US.linux-x86_64
bug: 2008-11-20-10-mozilla-central-firefox-3.1b2pre.en-US.linux-x86_64
https://hg.mozilla.org/mozilla-central/pushloghtml?startdate=2008-11-18&enddate=2008-11-19+16
Maybe related to bug 610001 or bug 792532?
Status: UNCONFIRMED → NEW
Ever confirmed: true
Keywords: regression
Summary: Fake site with URL about:blank → window.open("javascript… opens window with URL shown as "about:blank". // Fake site with URL about:blank
Whiteboard: DUPEME?
|
|
Reporter | |
Updated•11 years ago
|
status-firefox24:
--- → ?
tracking-firefox24:
--- → ?
|
|
Reporter | |
Comment 3•11 years ago
|
||
Firefox version 24
Bug still relevant.
|
|
Reporter | |
Updated•11 years ago
|
Version: 18 Branch → 24 Branch
|
|
||
Comment 4•11 years ago
|
||
Reproduced with 2013-10-01-03-02-04-mozilla-central-firefox-27.0a1.en-US.linux-x86_64. The bug's version field is for the first affected version.
Component: Untriaged → Security
Keywords: reproducible,
testcase
OS: Windows XP → All
Version: 24 Branch → 3.5 Branch
|
|
Reporter | |
Comment 6•11 years ago
|
||
Firefox version 28.0
Bug still relevant.
|
|
Reporter | |
Updated•11 years ago
|
Version: 3.5 Branch → 28 Branch
|
||
Updated•8 years ago
|
Component: Security → DOM
Product: Firefox → Core
|
Assignee | |
Updated•6 years ago
|
Component: DOM → DOM: Core & HTML
|
||
Updated•2 years ago
|
Severity: normal → S3
|
|
||
Updated•7 months ago
|
Attachment #9386571 -
Attachment is obsolete: true
You need to log in
before you can comment on or make changes to this bug.
Description
•