Closed Bug 151253 Opened 22 years ago Closed 22 years ago

file:// links are not opened in frame environment

Categories

(Core :: Networking: File, defect)

Product:
Core
Component:
Networking: File
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 84128

People

(Reporter: marggraf, Assigned: dougt)

References

(
URL
)

Details

(Keywords: verifyme) 

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.1a) Gecko/20020610
BuildID:    2002061108

When linking within a frameset environment to a local file via file://, this
file will not be opened/displayed in the frame assigned for display.

Also the link is not displayed when not target frame or target="_top" is
defined. One does not get any error message in the case the file does not exist.
Opening the link into a new window/tab via the right-click menu does not work
either.

Opening such a link in a new window seems to work correctly _only_ on middle-click.

Basic demonstration on http://www.astro.uni-bonn.de/~marggraf/test/

Reproducible: Always
Steps to Reproduce:
1. Go to the URL I stated above.
2. Play with the links and see (hopefully).


Actual Results:  The 3rd link on that test page will not open into the lower frame.
It will not open on "Open link in new tab/window" from the menu.
It will open in a new window/tab on middle-click only.

Expected Results:  The 3rd link on that test page opens into the lower frame.
correcting URL to make it absolute...
URL: www.astro.uni-bonn.de/~marggraf/test/http://www.astro.uni-bonn.de/~marggra...
RESOLVED/DUPE.

*** This bug has been marked as a duplicate of 122022 ***
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
reporter: can you VERIFY if you got the pref to work or saved the file to local
disk and got it to work?
Keywords: verifyme
I'm not sure wheter I get your request correctly. Please correct me if it's not
what you wanted to know. 

What DOES definitely WORK (reproduced in 1.1b, build 2002072204) is a mouse
middle-click on the file:// link, with "Open tab on middle-click" activated in
the prefs. The file:// link is then opened and displayed in a new tab. This
behaviour SHOULD be disabled for security reasons, as I understand (see also bug
#151491).

Saving the file:// link target to disk via the left-click menu does also work
(as it should be, I guess).

All other ways of opening/displaying the file:// link are disabled, as far as I
know.
REOPEN:

I duped to the wrong bug..., however let's discuss the what is going on here.

If your top-level page came from a remote, network server (http or https URL),
then your frame cannot work if it points to a file: URL.

Open the javascript console. Click on the links in your provided page.
Not the error when you click on the file:///etc/issue link.

If you want to make this work as expected, you need to set security.checkloadURI
to true in about:config.

If you can reproduced the log error I've described, this is a dupe. 

As for the open in new tab security issues, this is still undecided in bug 148418.
Status: RESOLVED → UNCONFIRMED
Resolution: DUPLICATE → ---

*** This bug has been marked as a duplicate of 84128 ***
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago22 years ago
Resolution: --- → DUPLICATE
Yep, I agree that it's rather a dupe of 84128.

For the protocol:
I get the expected security error ("content at ... may not load or link to
file:///..."), and an "error: uncaught exception: Load of file://etc/issue denied."

So let's wait for 84128 to be solved in some clean way.
You need to log in before you can comment on or make changes to this bug.