Firefox 1.0/1.1 bug? - brad's life — LiveJournal
Brad Fitzpatrick
Firefox 1.0/1.1 bug? [May. 8th, 2005|05:28 am]

Both Firefox 1.0.3 and the almost-1.1 nightly builds have an interesting feature/bug.

You can dynamically load JavaScript (from any URL) from JavaScript and Firefox won't send along the HTTP Referer (sic) header.

Test with, say:
function js_include (uri) {
  var se = document.createElement("script");
  se.src = uri;
  document.body.appendChild(se);
}

....

js_include("http://victim.example.com/");

Now, imagine if every LJ page contained that. Every LJ user could be DoS'ing some other site, with no Referer header saying we requested it.

Dear Lazyweb, tell me what other browsers do/send. I'd go upstairs and use IE on Dina's laptop but I'm too lazy to install ethereal on it. Plus I should go back to bed.

Update: Couldn't sleep. Results:

Firefox/1.0.2 (Debian package 1.0.2-2): No Referer
Firefox/1.0.1 (Windows): Referer
IE 6: Referer

So is this a regression from 1.0.1 to 1.0.2, or is it a Linux/Windows thing?

Update #2:
Firefox/1.0.1 (Linux, not Debian): No Referer

Looking like a Linux thing.
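The check described in the post (capture the request on the wire and see whether a Referer header is present), as an added example that is not part of the original post: it parses captured HTTP request heads and counts Referer presence per User-Agent. The function names, hosts and User-Agent strings are constructed for illustration.

```javascript
// Added example: tabulate Referer presence per User-Agent from captured
// HTTP request heads (the text a sniffer shows up to the first blank line).

// Parse one raw request head into { method, target, headers }.
// Header names are case-insensitive, so they are stored lower-cased.
function parseRequestHead(raw) {
  const lines = raw.split(/\r?\n/);
  const [method, target] = lines[0].split(" ");
  const headers = Object.create(null);
  for (const line of lines.slice(1)) {
    if (line === "") break; // blank line ends the head
    const idx = line.indexOf(":");
    if (idx <= 0) continue; // not a header line, skip it
    const name = line.slice(0, idx).trim().toLowerCase();
    headers[name] = line.slice(idx + 1).trim();
  }
  return { method, target, headers };
}

// Count, per User-Agent, requests with and without a non-empty Referer.
function refererReport(rawRequests) {
  const report = Object.create(null);
  for (const raw of rawRequests) {
    const { headers } = parseRequestHead(raw);
    const ua = headers["user-agent"] || "(no User-Agent)";
    const row = report[ua] || (report[ua] = { withReferer: 0, withoutReferer: 0 });
    if (headers["referer"]) row.withReferer++;
    else row.withoutReferer++;
  }
  return report;
}

// Constructed sample captures (hosts and User-Agent strings are made up).
const SAMPLE_CAPTURES = [
  "GET / HTTP/1.1\r\nHost: victim.example.com\r\nUser-Agent: ExampleBrowser/A (Linux)\r\nAccept: */*\r\n\r\n",
  "GET / HTTP/1.1\r\nHost: victim.example.com\r\nUser-Agent: ExampleBrowser/B (Windows)\r\nreferer: http://pages.example.org/entry.html\r\n\r\n",
  "GET / HTTP/1.1\r\nHost: victim.example.com\r\nUser-Agent: ExampleBrowser/A (Linux)\r\n\r\n",
];

console.log(refererReport(SAMPLE_CAPTURES));
```
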

Comments:
From: jwz
2005-05-08 09:44 pm (UTC)
For some reason, people who write web browsers have generally been completely incompetent at getting the Referer header generated properly (sending the wrong one when you hit "Back"; sending whatever page was previously loaded into the current window; and shit like that.) I don't think Mac versions of Netscape ever got it right.

From: brad
2005-05-08 10:01 pm (UTC)
It looks like there are about 3 dozen Referer bugs in bugzilla.mozilla.org right now, all like what you described: wrong/missing referrers when anything halfway different is done.