233740 – Handling of pasted text leads to significant privacy leak

Bug 233740 - Handling of pasted text leads to significant privacy leak

Summary: Handling of pasted text leads to significant privacy leak

Keywords:
Status:	CLOSED INSUFFICIENT_DATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	firefox
Sub Component:
Version:	6
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	high
Target Milestone:	---
Assignee:	Gecko Maintainer
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2007-03-24 12:04 UTC by Thomas Roessler
Modified:	2018-04-11 17:57 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2008-01-15 14:38:25 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Thomas Roessler 2007-03-24 12:04:15 UTC

Description of problem:
 Firefox reacts to URIs that are "pasted" into the main window by dereferencing
them. That's a highly useful feature. For a while now, it reacts to *text* that
gets pasted by submitting it to Google and trying to dereference the first
search result. That's a privacy leak: Using X11, pasting text inadvertently into
firefox is a relatively frequent failure mode in user interactions, induced e.g.
by mis-clicking right next to a link with the middle mouse button when trying to
follow it in a new window / tab; there's a related usability problem that arises
with laptops' touchpads reacting in unintended ways.

 Firefox should not by default pass non-URI text that is pasted into its main
window to a search engine, but report an error.


Version-Release number of selected component (if applicable):
 1.5.0.10

Comment 1 Matěj Cepl 2007-12-10 09:23:27 UTC

Fedora Core 6 is no longer supported, could you please reproduce this with the
updated version of the currently supported distribution (Fedora 7, 8, or
Rawhide)? If this issue turns out to still be reproducible, please let us know
in this bug report. If after a month's time we have not heard back from you, we
will have to close this bug as CANTFIX.

Setting status to NEEDINFO, and awaiting information from the reporter.

[This is mass-filed message to all open Fedora Core 6 bugs related to Xorg or
Gecko. If you see any other reason, why this bug shouldn't be closed, please,
comment on it here.]

Comment 2 Matěj Cepl 2008-01-15 14:38:25 UTC

Since there are insufficient details provided in this report for us to
investigate the issue further, and we have not received feedback to the
information we have requested above, we will assume the problem was not
reproducible, or has been fixed in one of the updates we have released for the
reporter's distribution.

Users who have experienced this problem are encouraged to upgrade to the latest
update of their distribution, and if this issue turns out to still be
reproducible in the latest update, please reopen this bug with additional
information.

Closing as INSUFFICIENT_DATA.

{This is mass-closing of all obsolete bugs; if this bug was in your opinion
closed by mistake, please, reopen it with additional information; thanks a lot
and I am sorry for bothering you in such case.}

Note You need to log in before you can comment on or make changes to this bug.