Bug 845194
Opened 11 years ago
Updated 1 year ago
Cross-domain drag and drop across IFrames.
Categories: Core :: DOM: Copy & Paste and Drag & Drop (defect)
Status: NEW
People: Reporter: ahamed.nafeez; Assignee: Unassigned
Keywords: csectype-spoof, sec-moderate
Comment 0 (Description) • 11 years ago

User Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.97 Safari/537.22

Steps to reproduce:

Drag the contents/view-source of a page into a cross-domain IFrame.

Actual results:

The contents/view-source of the page becomes successfully available in a TextArea inside the cross-origin IFrame.

Expected results:

The contents/view-source details should be allowed to be extracted cross-domain.

Here's the PoC: http://test.skepticfx.com/iframe/dragff.php?url=http://www.owasp.org

This is a defect in the previous fix for a similar bug: https://bugzilla.mozilla.org/show_bug.cgi?id=605991
Comment 3 • 11 years ago
Matt, could you see if this still reproduces? A similar bug has been fixed. Thanks.
Flags: needinfo?(mwobensmith)
Comment 5 • 11 years ago
Firefox Aurora and latest Nightly are still vulnerable to this (new poc: https://pastie.se/6751704e)
Updated • 11 years ago
OS: Windows 7 → All
Hardware: x86 → All
Version: 19 Branch → Trunk
Comment 6 • 11 years ago
(In reply to ahamed.nafeez from comment #0)
> Expected results:
>
> The contents/view-source details should be allowed to be extracted
> cross-domain.

I assume "should NOT be allowed"?
Comment 7 • 11 years ago
Yep! It was a typo.

(In reply to Florian Bender from comment #6)
> (In reply to ahamed.nafeez from comment #0)
> > Expected results:
> >
> > The contents/view-source details should be allowed to be extracted
> > cross-domain.
>
> I assume "should NOT be allowed"?
Updated • 2 years ago
Severity: normal → S3