Closed Bug 788295 Opened 12 years ago Closed 12 years ago

Cross Origin location reads

Categories

(Core :: XPConnect, defect)

Product:
Core
Component:
XPConnect
Platform:
x86
All
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED DUPLICATE of bug 720619

People

(Reporter: devd, Unassigned)

Details

(Keywords: sec-other, Whiteboard: [sg:dupe 720619]) 

Go to http://www.ashanet.org/berkeley/f1.php on current Firefox, and then on nightly. In first case, security error and the access fails (since toString is not allowed). The second case, the cross-origin code gets to read the location.

This seems like a same origin policy bypass to me.
Is there a regression range?
Assignee: general → nobody
Component: JavaScript Engine → XPConnect
This is bug 720619. Fix should be landing as soon as Eddy gets back from vacation, then we'll be backporting it.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
Keywords: sec-other
Whiteboard: [sg:dupe 720619]
Group: core-security
You need to log in before you can comment on or make changes to this bug.