Bug 451385
Summary: | Rogue websites can resize Firefox window | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Jeff Garzik <jgarzik> |
Component: | firefox | Assignee: | Christopher Aillon <caillon> |
Status: | CLOSED UPSTREAM | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 9 | CC: | gecko-bugs-nobody, mcepl, peterm, stransky, walters |
Target Milestone: | --- | Keywords: | Reopened |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2008-12-12 11:03:18 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Jeff Garzik
2008-06-13 22:31:47 UTC
Note that this problem occurs on firefox 2.x as well. If this issue turns out to still be reproduceable in the latest updates for this Fedora Core release, please file a bug report in the the upstream bugzilla located at http://bugzilla.mozilla.org in the particular component. Once you've filed your bug report to the upstream bugzilla, if you paste the new bug URL here, Red Hat will continue to track the issue in the centralized upstream bug tracker, and will review any bug fixes that become available for consideration in future updates. Setting status to NEEDINFO, and awaiting upstream bug report URL for tracking. Thanks in advance. This bug report indicates component firefox-3.0-0.60.beta5.fc9.x86_64 which is the latest available from Fedora 9 updates (but I assume you know this???) Upstream bugzilla entry: https://bugzilla.mozilla.org/show_bug.cgi?id=439177 We have to really prioritize heavily about what we can do and what we have not enough resources for, and the latter should be send upstream as soon as possible. Unfortunately this is clearly in the latter camp. Closing as UPSTREAM against the bug you mentioned. Is this not a security issue? Web site A can control the window of Web site B. I really don't think so -- if it bothers you can avoid by changing the configuration of your Firefox. We can argue about defaults, but I don't think it is worthy. Letting to decide Christopher as the highest authority on Firefox matters. It's not a security issue but a javascript bug...you can discuss it at https://bugzilla.mozilla.org/show_bug.cgi?id=144069 |