Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Fx 3 showing strange "URL is not valid and cannot be loaded" message

0 views
Skip to first unread message

themys...@gmail.com

unread,
Jun 23, 2008, 11:00:41 PM6/23/08
to
When I, or my extension, try to load this url:

http://192.168.123.100:591/classic.php?myname=+%3CMETA+HTTP-EQUIV%3D%22refresh%22+CONTENT%3D%220%3B+URL%3Dhttp%3A%2F%2F%3BURL%3Djavascript%3Adocument.vulnerable%3Dtrue%3B%22%3E+

Firefox 3 shows an alert box saying "URL is not valid and cannot be
loaded" however I don't see anything the EC (EC^2, really) that gives
even a hint. This did not happen in Firefox 2.

Here's the kicker:

http://192.168.123.100:591/classic.php?yname=+%3CMETA+HTTP-EQUIV%3D%22refresh%22+CONTENT%3D%220%3B+URL%3Dhttp%3A%2F%2F%3BURL%3Djavascript%3Adocument.vulnerable%3Dtrue%3B%22%3E+

(same as above except parameter myname is now yname) does not trigger
the issue. Also changing myname to a longer name does not trigger the
issue.

Oh, a final note: the page does load fine. And when I view source
everything looks like I expect. When view source is reloaded the
message does *not* come up.

Any ideas on what's the source of this?

Thanks!

themys...@gmail.com

unread,
Jun 24, 2008, 6:25:45 PM6/24/08
to
On Jun 23, 11:00 pm, "themystic...@gmail.com" <themystic...@gmail.com>
wrote:

> When I, or my extension, try to load this url:
>
> http://192.168.123.100:591/classic.php?myname=+%3CMETA+HTTP-EQUIV%3D%...

>
> Firefox 3 shows an alert box saying "URL is not valid and cannot be
> loaded" however I don't see anything the EC (EC^2, really) that gives
> even a hint. This did not happen in Firefox 2.
>
> Here's the kicker:
>
> http://192.168.123.100:591/classic.php?yname=+%3CMETA+HTTP-EQUIV%3D%2...

>
> (same as above except parameter myname is now yname) does not trigger
> the issue. Also changing myname to a longer name does not trigger the
> issue.
>
> Oh, a final note: the page does load fine. And when I view source
> everything looks like I expect. When view source is reloaded the
> message does *not* come up.
>
> Any ideas on what's the source of this?
>
> Thanks!

Lucy found a pseudo fix. Basically if you clear cookies this problem
sorta goes away.

The problem with the fix is that clearing the user's cookies every
time they run the extension isn't really a fix I can use :(.

Also, the popup still comes up if I go directly to that url but not if
I get it using JS:

var ioserv = Components.classes["@mozilla.org/network/io-
service;1"] .getService(Components.interfaces.nsIIOService);
var channel = ioserv.newChannel("http://192.168.123.100:591/
classic.php?yname=+%3CMETA+HTTP-EQUIV%3D%22refresh%22+CONTENT%3D%220%3B
+URL%3Dhttp%3A%2F%2F%3BURL%3Djavascript%3Adocument.vulnerable%3Dtrue%3B
%22%3E+", 0, null);
var stream = channel.open();
var sis = Components.classes["@mozilla.org/
scriptableinputstream;
1"].createInstance(Components.interfaces.nsIScriptableInputStream);
sis.init(stream);
alert(sis.read(sis.available()));

Any ideas on what's going on and how to stop it?

0 new messages