Open Bug 832913 Opened 12 years ago Updated 11 months ago

DoS using unknown content-type objects

Categories

(Firefox :: File Handling, defect, P3)

People

(Reporter: ojab, Unassigned)

References

(Depends on 1 open bug, Blocks 1 open bug)

Details

(Keywords: csectype-dos, sec-low)

Attachments

(3 files)

1. Open a page that has 1k objects with unknown content-type
2. Got 1k download windows.

This is clearly a DoS, which happens on several sites, for example, if the Flash plugin isn't installed.
See also Bug 376599.
Depends on: 113941
Attached file Testcase (deleted)
Testcase has many "<iframe src="https://bugzilla.mozilla.org/attachment.cgi?id=704494"></iframe>" lines, so you'll have many download windows.
Attachment #704495 - Attachment mime type: text/plain → text/html
Component: Plug-ins → File Handling
Keywords: csec-dos, sec-low
Status: UNCONFIRMED → NEW
Ever confirmed: true
Product: Core → Firefox
Version: Trunk → unspecified
Attached image download-subdialog.png (deleted)

For cases where we have a tab relationship we could show this dialog in the TabDialogBox.

In the process of migrating remaining bugs to the new severity system, the severity for this bug cannot be automatically determined. Please retriage this bug using the new severity system.

Severity: major → --

The severity field is not set for this bug.
:Gijs, could you have a look please?

For more information, please visit BugBot documentation.

Flags: needinfo?(gijskruitbosch+bugs)

We no longer show this dialog by default, but this isn't going to be fully fixed until we address bug 1711049.

Severity: -- → S3
Flags: needinfo?(gijskruitbosch+bugs)
Priority: -- → P3