[Security] C++ code for "javascript:" in string value (was: setTimeout() & ECMA)

From: Thomas 'PointedEars' Lahn <PointedEars@web.de>
Date: Wed Mar 15 2006 - 00:11:58 CET

VK wrote:

> Thomas 'PointedEars' Lahn wrote:
>> What is most interesting is that this source code also makes it clear
>> that Gecko 1.8.0-based UAs (such as Firefox 1.5.0.1) will not handle
>> timeouts or intervals shorter than 10 milliseconds (nsGlobalWindow.cpp,
>> lines 6044 to 6049, and 191 and 192). So if you provide a smaller value,
>> the actual timeout/interval length will be 10 milliseconds.
>
> Excellent research.

Thanks.

> My Santas had to run many miles since December
> before things started to go right :-)
>
> <http://groups.google.com/group/comp.lang.javascript/browse_frm/thread/31734a3b21535ff5/eb99e9ae13739a95>

Unsurprisingly, your code is unnecessarily complicated and proprietary.

However, I find it very disturbing that referring to a JavaScript string
value that contains C++ source code with "javascript:..." as `src' of an
`img' element actually works in Gecko. Hopefully this is a security leak
that is fixed soon. Unless I miss something important here.

PointedEars
Received on Mon May 1 04:03:43 2006