Bugtraq mailing list archives
Re: Mozilla Firefox 1.0.1 Javascript Images are Draggable
From: "Jay D. Dyson" <jdyson () treachery net>
Date: Sat, 26 Feb 2005 09:53:29 -0800 (PST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 26 Feb 2005, Paul wrote:
A minor security vulnerability exists in the way that Firefox handles cross-domain image dragging. Dragging an image into the address bar will cause Firefox to navigate to the image url even if it is a javascript url and the page to be navigated from is in a different domain than the page on which the image is shown. This may potentially allow attackers to steal cookies, etc.
Just one question: what could possibly compel someone to drag a broken image into their browser's location bar? I'm not trying to be a wiseguy. I'm honestly puzzled as to why anyone would take an obviously broken image and drag it into the browser location bar.
Side note: the behavior you describe is the same if one right-clicks Javascript "image" and selects "View Image" from the pop-up dialog.
User Reccomendations: Do not drag images into the address bar.
...or hyperlinks. Those too can be obfuscated via Javascript, and they can also be dragged into the location bar.
- -Jay ( ( _______ )) )) .-"There's always time for a good cup of coffee"-. >====<--. C|~~|C|~~| (>----- Jay D. Dyson -- jdyson () treachery net -----<) | = |-' `--' `--' `-I just started World War III. You're welcome.-' `------' -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (TreacherOS) Comment: See http://www.treachery.net/~jdyson/ for current keys. iD8DBQFCILecBYoRACwSF0cRApf9AKCvKMjf9qrVp/JYHeoL0W4an/a0UgCfXD/q UVjg8Q/gb6If85CD7SRgEqU= =Tsr9 -----END PGP SIGNATURE-----
Current thread:
- Mozilla Firefox 1.0.1 Javascript Images are Draggable Paul (Feb 26)
- Re: Mozilla Firefox 1.0.1 Javascript Images are Draggable Jay D. Dyson (Feb 26)