Re: [Full-Disclosure] mozilla firefox 0.8 - linux (probably mozilla too) cut/paste (semi) vulnerability
From: nicolas vigier (boklm_at_mars-attacks.org)
Date: 04/28/04
- Previous message: Gary E. Miller: "RE: [Full-Disclosure] no more public exploits and general PoC gui de lines"
- In reply to: Michael Williamson: "[Full-Disclosure] mozilla firefox 0.8 - linux (probably mozilla too) cut/paste (semi) vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Michael Williamson <mwilliamson@falcon.tamucc.edu> Date: Wed, 28 Apr 2004 20:06:29 +0200
On Wed, 28 Apr 2004, Michael Williamson wrote:
> This isn't as much a typical vulnerability as it is poorly-designed
> behavior. I've noticed when cutting/pasting data (unix style, w/middle
> mouse button) into a Web form, any attempt to paste into an area without
> first clicking on the input will result in firefox doing a google search
> on the contents of the paste. If I happen to be cutting/pasting
> confidential data, this is bad.
Yes. It's not a bug, it's a feature :)
When you paste an url on a webpage, the url is loaded. If it's not an
url then it is searched on google (or the search engine you selected).
It's possible to disable this behavior if you don't like it, add this
line in your user.js file :
user_pref("middlemouse.contentLoadURL", false);
more infos on this page :
http://www.mozilla.org/unix/customizing.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Gary E. Miller: "RE: [Full-Disclosure] no more public exploits and general PoC gui de lines"
- In reply to: Michael Williamson: "[Full-Disclosure] mozilla firefox 0.8 - linux (probably mozilla too) cut/paste (semi) vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
