-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Fri, 26 Feb 2005, Paul wrote:
A minor security vulnerability exists in the way that Firefox handles cross-domain image dragging. Dragging an image into the address bar will cause Firefox to navigate to the image url even if it is a javascript url and the page to be navigated from is in a different domain than the page on which the image is shown. This may potentially allow attackers to steal cookies, etc.
Just one question: what could possibly compel someone to drag a broken image into their browser's location bar? I'm not trying to be a wiseguy. I'm honestly puzzled as to why anyone would take an obviously broken image and drag it into the browser location bar.
Side note: the behavior you describe is the same if one right-clicks Javascript "image" and selects "View Image" from the pop-up dialog.
User Reccomendations: Do not drag images into the address bar.
...or hyperlinks. Those too can be obfuscated via Javascript, and they can also be dragged into the location bar.
- -Jay
( ( _______ )) )) .-"There's always time for a good cup of coffee"-. >====<--. C|~~|C|~~| (>----- Jay D. Dyson -- jdyson@xxxxxxxxxxxxx -----<) | = |-' `--' `--' `-I just started World War III. You're welcome.-' `------'
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (TreacherOS) Comment: See http://www.treachery.net/~jdyson/ for current keys.
iD8DBQFCILecBYoRACwSF0cRApf9AKCvKMjf9qrVp/JYHeoL0W4an/a0UgCfXD/q UVjg8Q/gb6If85CD7SRgEqU= =Tsr9 -----END PGP SIGNATURE-----
