Content-generated event issue possibly broke up my NS8's UI
You are here:  SillyDog701 > Message Centre > Firefox, SeaMonkey and Netscape > [sdt=9401]
SillyDog701 Forums
Author Message
J-M
diamond member


Joined: 25 Jul 2004
Posts: 777
Location: Helsinki, Finland
16 Jul, 2005 5:48 pm Content-generated event issue possibly broke up my NS8's UI [sdp=60524]  
It seems that when testing new Firefox's and Mozilla Suite's security issue called "Content-generated event vulnerabilities" and handled at Mozilla Foundation Security Advisory 2005-45 my Netscape 8.0.2's user interface broke up permanently.
Testcase URL located at https://bugzilla.mozilla.org/show_bug.cgi?id=294323
was used (it is made by bug's author).

!Test at your own risk when visiting Bugzilla!

Test url is at the beginning of the Bugzilla entry (ww.krickelkrackel.de/testing....) and named as onFullScreen() issue. Some untrusted events has been used.

Bugzilla report's Status: is RESOLVED and FF1.0.5 is not affected (no Suite nightly etc. in this machine).

Results:
Status Bar, Tab Bar, and dropdown menus disappeared after clicking krickelkrackel.de test link. New browser window (Ctrl+N) was needed to open or browser restart needed to use dropdown menus etc.
According to MFSA2005-45:

Quote:
"The problems ranged from minor annoyances like switching tabs or entering full-screen mode".


I have contacted Netscape Communications that version 8.0.2 is affected to this earlier this week.

It was not possible to use keyboard shortcuts like Alt+F to try exit the browser or to enable menus from View dropdown menu etc.

BUT:
'Don't try this at home' if NS is your only installed browser and you have no a newinstallation package for NS or FF etc. downloaded.

But very interesting is that this happened only with XP Home Edition, the XP Pro installation of my another computer was immune.
I'll send a screenshot. For example, there is no focus in main title bar etc.
Please no comments about my UA, because I have now 1.0.4 installed to see how this works in 1.0.4 (and there is no Finnish version of 1.0.5 available like we know). But I have downloaded and used 1.0.5, of course!

Edit: It is here:


(Original image was too wide, resized by Antony. Please resize images before adding them for inline images.)

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fi-FI; rv:1.7.8) Gecko/20050511 Firefox/1.0.4
Back to top profile website
J-M
diamond member


Joined: 25 Jul 2004
Posts: 777
Location: Helsinki, Finland
16 Jul, 2005 6:44 pm [sdp=60528]  
The difference between Firefox and Netscape is that after restart Firefox's UI is totally normal again. Just noticed that you can use Alt+F in FF to switch to File menu (it is floating, however) and then restart a browser. And all Windows user know Alt+F4, of course Cool

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fi-FI; rv:1.7.8) Gecko/20050511 Firefox/1.0.4
Back to top profile website
J-M
diamond member


Joined: 25 Jul 2004
Posts: 777
Location: Helsinki, Finland
19 Jul, 2005 4:36 am [sdp=60632]  
Another screenshot:


(Original image was too wide, resized by Antony.)

http://www.networksecurity.fi/samples/ns802_broken_UI_2SD.PNG

It is interesting to know if other testers has similar experiences?

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fi-FI; rv:1.7.8) Gecko/20050511 Firefox/1.0.4
Last edited by J-M on 19 Jul, 2005 5:12 am; edited once(1)
Back to top profile website
Mandrake
Moderator


Joined: 13 Sep 2002
Posts: 3882
19 Jul, 2005 4:54 am [sdp=60633]  
Please resize the above image so that it is no wider than 550 pixels wide.

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.9) Gecko/20050711 Firefox/1.0.5
Core i7 920 | ASUS P6T Deluxe v2 | 3TB+ HDD | 12GB Corsair DDR3 | Radeon 4890 Xfire | X-Fi Titanium Fatal1ty | Logitech Z-5500 Speakers | Dell 3008WFP | Seven RC1
Back to top profile
J-M
diamond member


Joined: 25 Jul 2004
Posts: 777
Location: Helsinki, Finland
19 Jul, 2005 5:19 am [sdp=60634]  
Mandrake wrote:
Please resize the above image so that it is no wider than 550 pixels wide.

Done. Please, is it possible to rename [sdp=60524]'s image name to ns802_broken_UISD.PNG as well, editing was not possible any more Wink . This is a permission too Smile. An updated image is available, i.e. ...UISD.PNG link works.

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fi-FI; rv:1.7.8) Gecko/20050511 Firefox/1.0.4
Back to top profile website
Antony
Site Admin


Joined: 18 Jun 2002
Posts: 12754
Location: Sydney, Australia
19 Jul, 2005 5:27 am [sdp=60635]  
Not affect in Safari, but if it can make toolbar and status bars away, I'd congratulation on coder's ability. Razz

UserAgent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/412.6 (KHTML, like Gecko) Safari/412.2
MozInfo701 | MacCentre701 | AntBlog701 | don't steal music.
Back to top profile website
J-M
diamond member


Joined: 25 Jul 2004
Posts: 777
Location: Helsinki, Finland
19 Jul, 2005 5:31 am [sdp=60636]  
Thanks for co-operation in image resizing and first comments. Wink

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fi-FI; rv:1.7.8) Gecko/20050511 Firefox/1.0.4
Back to top profile website
J-M
diamond member


Joined: 25 Jul 2004
Posts: 777
Location: Helsinki, Finland
19 Jul, 2005 10:59 am [sdp=60648]  
Netscape 7.2 in Windows XP is affected too:

Text 'Some toolbars...' is generated by a PoC page.




UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fi-FI; rv:1.7.8) Gecko/20050511 Firefox/1.0.4
Back to top profile website
Display posts from previous:   
Reply to topic    Forum Index > Firefox, SeaMonkey and Netscape All times are CST (GMT -6)
page 1 of 1
To add your questions, comments, and for more features and more, please join SillyDog701 Message Centre. It's free! This is SillyDog 701 Message Centre (SD701 Forums).

Led Zeppelin iTunes

*Search | FAQ | Rules and Policies | MozInfo701 - Mozilla Information Centre | SD701 Open Directory | Message Board Map | download Netscape