<<< Date Index >>>     <<< Thread Index >>>

Re: Mozilla Firefox 1.0.1 Javascript Images are Draggable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 26 Feb 2005, Paul wrote:

A minor security vulnerability exists in the way that Firefox handles cross-domain image dragging. Dragging an image into the address bar will cause Firefox to navigate to the image url even if it is a javascript url and the page to be navigated from is in a different domain than the page on which the image is shown. This may potentially allow attackers to steal cookies, etc.

Just one question: what could possibly compel someone to drag a broken image into their browser's location bar? I'm not trying to be a wiseguy. I'm honestly puzzled as to why anyone would take an obviously broken image and drag it into the browser location bar.

Side note: the behavior you describe is the same if one right-clicks Javascript "image" and selects "View Image" from the pop-up dialog.

User Reccomendations:
Do not drag images into the address bar.

...or hyperlinks. Those too can be obfuscated via Javascript, and they can also be dragged into the location bar.

- -Jay

  (    (                                                        _______
  ))   ))   .-"There's always time for a good cup of coffee"-.   >====<--.
C|~~|C|~~| (>----- Jay D. Dyson -- jdyson@xxxxxxxxxxxxx -----<) |    = |-'
 `--' `--'  `-I just started World War III.  You're welcome.-'  `------'

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (TreacherOS)
Comment: See http://www.treachery.net/~jdyson/ for current keys.

iD8DBQFCILecBYoRACwSF0cRApf9AKCvKMjf9qrVp/JYHeoL0W4an/a0UgCfXD/q
UVjg8Q/gb6If85CD7SRgEqU=
=Tsr9
-----END PGP SIGNATURE-----