Bugtraq mailing list archives

RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS)

From: Thor Larholm <Thor () jubii dk>
Date: Tue, 30 Apr 2002 20:07:22 +0200

Demonstration:
==============

A fully dynamic proof-of-concept demonstration
of this issue is available at
http://security.greymagic.com/adv/gm001-ns/.


As some of you may have noticed, the above proof-of-concept does not work in
Mozilla 1.0 Release Candidate 1.

Don't get your hopes high about this though, the issue has not been fixed in
moz1rc1 - the XMLHttpRequest was simply broken in this version of the
browser for unknown reasons, a fact not mentioned in the release notes. When
trying to use it, either nothing happens or the browser crashes. The
proof-of-concept works just fine in Mozilla 0.9.9 (and NS6.1+), and would
work fine in moz1rc1 if the XMLHttpRequest object could be used at all.

The Mozilla XML-Extras project also includes a document.load method that is
used to load XML documents. The same issue applies to this method, and a
proof-of-concept demonstration that also works in moz1rc1 can be found at

http://jscript.dk/2002/4/NS6Tests/documentload.html

Regards
Thor Larholm
Jubii A/S - Internet Programmer

Current thread:

Reading local files in Netscape 6 and Mozilla (GM#001-NS) GreyMagic Software (Apr 30)
- Re: Reading local files in Netscape 6 and Mozilla (GM#001-NS) Jordan K Wiens (Apr 30)
- <Possible follow-ups>
- RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS) Thor Larholm (Apr 30)
  - RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS) Rui Miguel Silva Seabra (Apr 30)
- RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS) Thor Larholm (Apr 30)