Closed
Bug 5826
Opened 26 years ago
Closed 25 years ago
paste allowed into file selection controls
Categories
(Core :: Security, defect, P3)
Tracking
VERIFIED
INVALID
M11
People
(Reporter: cpratt, Assigned: norrisboyd)
Details
build id: 1999043099
reproduced on: windows nt 4
not sure if this is a problem, but you can paste things directly into the file
selection control. this seems that it might be a security issue as
malicious javascript could paste a typical file path into the file selection
control and submit a form without a user's knowledge.
otoh, i am not knowledgeable about this kind of thing, so feel free to provide
feedback. on the mac version of nav 4.51, paste is not possible into a text
field, for example - but it is allowed on 4.6 under nt.
yeah, this would definitely be a problem. Client technology security
(non-crypto) is only very recently starting to get added. It is definitely cool
to pop anything you think is 'fishy' into a bug, that way it'll be tracked.
(I couldn't get to the marmot.net url)
So, in regards to file input field. "you can paste things directly into the file
selection control", Do you mean standard OS cut & paste? That would be ok.
The most recent discussion I'm aware of regarding the form file upload resulted
in a decision that in the future (5.0), we should have a separate warning dialog
specifically for form file uploads, because of all the times we've had security
fire drills surrounding this feature.
The dialog should specifically list the path and file names of the items being
uploaded.
It's possible with this dialog, we eliminate the need to try and control
automatic entry into the file upload field. You could have default values, or
javascript that updates the value. In the end, you would always get the dialog
that lists what's being sent, before it gets sent.
It should be possible to turn the dialog off (default being on), and turning it
back on again. It should be the user's right to turn it off, but it would be
their decision and their risk.
Reassigning to norris for his thoughts, and perhaps reassignment to another
developer.
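A sketch of the upload-confirmation gate proposed in the comment above, added here as an illustration and not code from this bug or from Mozilla. The plain-object form model, the function names and the `warnOnFileUpload` preference are hypothetical, and the sample form is constructed.

```javascript
// Added illustration: all names here are hypothetical, not Mozilla code.
// A form is modelled as { action, fields: [{ name, type, value }] } so this runs without a DOM.

// Every non-empty file field, however its value arrived (typed, pasted, default or script-set).
function collectUploads(fields) {
  return fields
    .filter(f => f.type === 'file' && typeof f.value === 'string' && f.value.trim() !== '')
    .map(f => ({ field: f.name, path: f.value.trim() }));
}

// Dialog text that lists the path and file name of each item about to be sent.
function buildPrompt(uploads, action) {
  const lines = uploads.map(u => `  ${u.field}: ${u.path}`);
  return [`This form will send these files to ${action}:`, ...lines, 'Send them?'].join('\n');
}

// Decide whether a submission may proceed. The warning is on unless the user
// has explicitly turned it off; anything but an explicit "yes" blocks the send.
function gateSubmit(form, prefs, ask) {
  const uploads = collectUploads(form.fields);
  if (uploads.length === 0) return { allowed: true, prompted: false, uploads };
  if (prefs.warnOnFileUpload === false) return { allowed: true, prompted: false, uploads };
  const allowed = ask(buildPrompt(uploads, form.action)) === true;
  return { allowed, prompted: true, uploads };
}

// Constructed sample: a form whose file field was filled in without the user choosing a file.
const sampleForm = {
  action: 'https://example.test/upload',
  fields: [
    { name: 'comment', type: 'text', value: 'hello' },
    { name: 'attachment', type: 'file', value: 'C:\\temp\\constructed-example.txt' },
  ],
};

// The user declines in the dialog, so nothing is sent.
const declined = gateSubmit(sampleForm, {}, text => { console.log(text); return false; });
console.log(declined.allowed, declined.prompted);
```

Because the check runs at submit time on whatever the field holds, it does not depend on blocking paste, default values or script updates to the field.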
Updated (Assignee) • 26 years ago
Status: NEW → ASSIGNED
Hardware: PC → All
Comment 2 (Assignee) • 26 years ago
We don't have any JavaScript-directed way to paste text, do we? As long as the
user is doing the pasting, that's okay.
Updated (Assignee) • 26 years ago
Target Milestone: M11
Updated (Assignee) • 25 years ago
Status: ASSIGNED → RESOLVED
Closed: 25 years ago
Resolution: --- → INVALID
Comment 3 (Assignee) • 25 years ago
Unless we can get a test case that shows how JavaScript can paste into the
widget, I think this bug is invalid.
Bulk moving all Browser Security bugs to new Security: General component. The
previous Security component for Browser will be deleted.
Component: Security → Security: General