Closed Bug 5826 Opened 26 years ago Closed 25 years ago

paste allowed into file selection controls

Categories

(Core :: Security, defect, P3)

All
Windows NT
defect

VERIFIED INVALID

People

(Reporter: cpratt, Assigned: norrisboyd)

Details

build id: 1999043099
reproduced on: windows nt 4
not sure if this is a problem, but you can paste things directly into the file selection control. this seems that it might be a security issue as malicious javascript could paste a typical file path into the file selection control and submit a form without a user's knowledge. otoh, i am not knowledgeable about this kind of thing, so feel free to provide feedback. on the mac version of nav 4.51, paste is not possible into a text field, for example - but it is allowed on 4.6 under nt.
Assignee: tomw → lord
Assignee: lord → norris
yeah, this would definitely be a problem. Client technology security (non-crypto) is only very recently starting to get added. It is definitely cool to pop anything you think is 'fishy' into a bug, that way it'll be tracked. (I couldn't get to the marmot.net url) So, in regards to file input field. "you can paste things directly into the file selection control", do you mean standard OS cut & paste? That would be ok. The most recent discussion I'm aware of regarding the form file upload resulted in a decision that in the future (5.0), we should have a separate warning dialog specifically for form file uploads, because of all the times we've had security firedrills surrounding this feature. The dialog should specifically list the path and file names of the items being uploaded. It's possible with this dialog, we eliminate the need to try and control automatic entry into the file upload field. You could have default values, or javascript that updates the value. In the end, you would always get the dialog that lists what's being sent, before it gets sent. It should be possible to turn the dialog off (default being on), and to turn it back on again. It should be the user's right to turn it off, but it would be their decision and their risk. Reassigning to norris for his thoughts, and perhaps reassignment to another developer.
Status: NEW → ASSIGNED
Hardware: PC → All
We don't have any JavaScript-directed way to paste text, do we? As long as the user is doing the pasting, that's okay.
Target Milestone: M11
Blocks: 12633
Status: ASSIGNED → RESOLVED
Closed: 25 years ago
Resolution: --- → INVALID
Unless we can get a test case that shows how JavaScript can paste into the widget, I think this bug is invalid.
Verified invalid.
Status: RESOLVED → VERIFIED
Bulk moving all Browser Security bugs to new Security: General component. The previous Security component for Browser will be deleted.
Component: Security → Security: General