Closed Bug 1348644 Opened 7 years ago Closed 7 years ago

Copied part of URL suggestions in awesomebar that contain both '?' and '&' is just symbols (U+E5E5)

Categories

(Firefox :: Address Bar, defect)

52 Branch
x86
Windows 10
defect
Not set
normal

Tracking

()

RESOLVED DUPLICATE of bug 1346140
Tracking Status
firefox-esr45 --- unaffected
firefox52 --- wontfix
firefox-esr52 - wontfix
firefox53 --- unaffected
firefox54 --- unaffected
firefox55 --- unaffected

People

(Reporter: rick3162, Unassigned)

References

Details

(Keywords: csectype-uaf, regression, sec-high, Whiteboard: [regressed by Bug 1330593])

Attachments

(1 file)

Attached video Video_2017-03-19_130524.wmv (deleted) —
To reproduce:

in a clean FF52 stable profile:
- open https://forums.informaction.com/
- click 'NoScript Development' subforum link (in my case it was: https://forums.informaction.com/viewforum.php?f=10&sid=63659c6b69f4b5d56e09bdbd19915a5f)
- open new tab, and close the above link and all others.
- type 'dev' in awesomebar: the above link will be displayed as a suggestion
- press the Down key to select/highlight the suggestion and press Home: the suggestion will now appear inserted in awesomebar and the cursor will be on the left/start of it
- now copy the part 'https://forums.informaction.com' via mouse
- here is what the copied text is: 

I also attach a video capture.


PS. I haven't manage to recreate this with other URLs.
Status: UNCONFIRMED → NEW
Has Regression Range: --- → no
Has STR: --- → yes
Ever confirmed: true
OS: Unspecified → Windows 10
Hardware: Unspecified → x86
Summary: Copied part of a specific URL suggestion in awesomebar is just symbols → Copied part of a specific URL suggestion in awesomebar is just symbols (U+E5E5)
Version: unspecified → 52 Branch
I tried to find the regression range but (as I describe in bug 1348867)
I'm getting a 404 in the 6th step.
Anyway, the final pushlog_url is https://hg.mozilla.org/releases/mozilla-release/pushloghtml?fromchange=1f0fc9316e65cd171b03d4382b4c0f7443a258dc&tochange=d75a1dba431fd3e3e44cb06ce7f545f1a358948a
but displays way too many pushed changesets (all on 3/27) to be of use.


Also, (thanks to therube) I quote from http://forums.mozillazine.org/viewtopic.php?p=14738701#p14738701 a precise description of the issue:

> More likely a combination of "?" & "&" in the URL.
> 
> So... type "&" into the urlbar
> Search through the dropdown for a URL that also includes "?"
> 
> Play around with that URL & most likely you'll duplicate the issue.
> 
> Heh, even your "bad" URL works:
> https://hg.mozilla.org/integration/autoland/json-pushes?changset=d75a1dba431fd3e3e44cb06ce7f545f1a358948a&full=1
Summary: Copied part of a specific URL suggestion in awesomebar is just symbols (U+E5E5) → Copied part of URL suggestions in awesomebar that contain both '?' and '&' is just symbols (U+E5E5)
[Tracking Requested - why for this release]: Broken UX cut & paste

This seems fixed by Bug 1328025 in 53.
Regression window:
https://hg.mozilla.org/releases/mozilla-beta/pushloghtml?fromchange=e293c1aa1c10d38b271b48742650d97a4ee5061e&tochange=93b639dcd0c2c6231932bdd8279dc858f6596bf6

Via local build,
Last Good: ec8f0f613a8c
First Bad: 93b639dcd0c2

Regressed by: 93b639dcd0c2	Jan de Mooij — Bug 1330593 part 1 - Allow non-flat external strings. r=jwalden, r=bz, a=jcristau



And fixed by Bug 1328025 in 53.

:mats,
If the risk of bug 1328025 is low, I think it is worth uplifting to ESR 52.
Flags: needinfo?(mats)
Flags: needinfo?(jdemooij)
Whiteboard: [regressed by Bug 1330593]
Let's lock this bug for now. It's likely a duplicate of bug 1346140, I'll land that tomorrow.

Bug 1328025 is not the right fix for this that we should uplift. It probably just happens to hide the problem.
Group: firefox-core-security
Flags: needinfo?(mats)
Depends on: 1346140
No longer depends on: 1328025
Flags: needinfo?(jdemooij)
Alice, can you confirm this is fixed now on Nightly? I can't reproduce the problem with the STR in comment 0.
Flags: needinfo?(alice0775)
(In reply to Jan de Mooij [:jandem] from comment #5)
> Alice, can you confirm this is fixed now on Nightly? I can't reproduce the
> problem with the STR in comment 0.

Bug 1328025 hides the problem on 53+ as you describe in comment#4.
So, I cannot confirm the root cause is fixed or not.

Anyway, I cannot reproduce the problem on Nightly(2017-03-24).
Though, I can reproduce this on Firefox52.0.1.
Flags: needinfo?(alice0775)
In addition to the comment #6,

I manually back Bug 1328025 out from Nightly(2017-03-22). And I can reproduce the problem.

And I manually back Bug 1328025 out from Nightly(2017-03-24). And I can verify that the
problem is no longer reproduce. So, the root cause seems to have been fixed between 2017-03-22 and 2017-03-24.
(In reply to Alice0775 White from comment #7)
> So, the root cause seems to have been fixed between 2017-03-22 and 2017-03-24.

Thanks a lot for checking this! Bug 1346140 landed in that range so let's mark this as duplicate.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
Group: firefox-core-security
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: