Security issue? || document.domain can be hooked using Object.defineProperty

Won’t fix Issue #113499

Details

Created
May 2, 2014
Privacy
This issue is public.
Found in build #
0.0011
Reports
Reported by 0 people


Steps to reproduce

URL =

URL:

Repro Steps:

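<script>
// Shadow document.domain with an own accessor property on the document object.
Object.defineProperty(document, 'domain', {
  'get': function(){return 'good.com'}
});

// Do the same for document.location.
Object.defineProperty(document, 'location', {
  'get': function(){return "nasd.com"}
});

</script>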

<script>
alert("My document.domain is " + document.domain);
alert("My document.location is " + JSON.stringify(document.location));

</script>

Expected Results:

document.domain is commonly used for security in client-side code. Code might check whether the current domain is good before it performs security-sensitive actions.

It's a security concern to allow document.domain to be hooked.

Actual Results:

Attachments

0 attachments
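
A defensive check for the redefinition shown in the repro steps, as an added example that is not part of the original report or of any browser's code: it captures the property getters early and later lists the names whose getter has been replaced. The names `makeFakeDocument`, `resolveGetter`, `captureGetters`, `findHooked`, `demo` and the host `real.example` are hypothetical, and the stand-in document is constructed so the code runs outside a browser.

```javascript
// Added example. makeFakeDocument builds a constructed stand-in for a browser
// document so the check runs under Node; in a page, pass `document` itself.
function makeFakeDocument(host) {
  // As in a browser, `domain` and `location` are getters on the prototype.
  const proto = {
    get domain() { return host; },
    get location() { return { href: 'https://' + host + '/' }; },
  };
  return Object.create(proto);
}

// Walk the prototype chain and return the getter that a read of doc[name]
// would currently invoke (undefined for a data property or a missing name).
function resolveGetter(doc, name) {
  for (let o = doc; o !== null; o = Object.getPrototypeOf(o)) {
    const desc = Object.getOwnPropertyDescriptor(o, name);
    if (desc) return desc.get;
  }
  return undefined;
}

// Run early: remember the getters that are in place right now.
function captureGetters(doc, names) {
  const trusted = {};
  for (const name of names) trusted[name] = resolveGetter(doc, name);
  return trusted;
}

// Run before a security decision: list names whose getter has changed.
function findHooked(doc, trusted) {
  return Object.keys(trusted).filter(
    (name) => resolveGetter(doc, name) !== trusted[name]);
}

// Constructed scenario: capture, apply the report's redefinition, then check.
function demo() {
  const doc = makeFakeDocument('real.example');
  const trusted = captureGetters(doc, ['domain', 'location']);
  Object.defineProperty(doc, 'domain', { get: function () { return 'good.com'; } });
  return {
    seen: doc.domain,                  // value after the redefinition
    hooked: findHooked(doc, trusted),  // names that were redefined
    real: trusted.domain.call(doc),    // value from the captured getter
  };
}
```

The capture is only meaningful if it runs before any untrusted script on the page, since a script that runs earlier can replace the getters first.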

    Comments and activity

    • Microsoft Edge Team

      Changed Assigned To to “Justin R.”

      Changed Assigned To from “Justin R.” to “Travis L.”

      Changed Status to “Won’t fix”
