Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T11655, the corresponding Phabricator task for complete and up-to-date bug report information.

Bug 9655 - Susceptibility of pages to malicious forwarding

Summary:	Susceptibility of pages to malicious forwarding

Status: RESOLVED DUPLICATE of bug 9526 Product: MediaWiki Classification: Unclassified Component: Parser (Other open bugs) Version: 1.10.x Hardware: PC All Importance: Normal major with 1 vote (vote) Target Milestone: --- Assigned To: Nobody - You can work on this! URL: Whiteboard: Keywords: Depends on: Blocks:   Show dependency tree / graph		Reported: 2007-04-21 21:53 UTC by Martin Peeks Modified: 2007-04-22 03:03 UTC (History) CC List: 1 user (show) Platonides See Also: Web browser: --- Mobile Platform: --- Assignee Huggle Beta Tester: ---

Attachments Add an attachment (proposed patch, testcase, etc.)

Description Martin Peeks 2007-04-21 21:53:21 UTC In <http://en.wikipedia.org/w/index.php?title=Alternate_reality_game&oldid=124684781>, when anywhere in the display is clicked, the browser is forwarded to another site. The diff < http://en.wikipedia.org/w/index.php?title=Alternate_reality_game&diff=124684781&oldid=124196403 > shows that the cause is some HTML code inserted into the edit view. Comment 1 Platonides 2007-04-21 22:01:39 UTC Not an html code, but a huge transparent link. Maybe font-color: transparent should be forbidden ? Comment 2 Aryeh Gregor (not reading bugmail, please e-mail directly) 2007-04-22 03:03:06 UTC *** This bug has been marked as a duplicate of 9526 ***