<link> referenced icon misconstrued as CSS and blocked

[al_9x]

Hotmail page references an icon like this:

Code: Select all

<link rel="icon" type="image/x-icon" href="http://gfx2.hotmail.com/mail/w4/m3/ltr/mfav.ico" />

NS blocks it

[NoScript] Blocking cross site CSS served from http://gfx2.hotmail.com/mail/w4/m3/ltr/mfav.ico with wrong type info image/x-icon ...

[Giorgio Maone]

That's really weird.

Code: Select all

var ph = PolicyState.extract(channel);
        if (ph) {
          var ctype = ph.contentType;
          var origin = ABE.getOriginalOrigin(channel) || ph.requestOrigin;
          if (origin && (ctype === 2 || ctype === 4) && this.getBaseDomain(origin.host) != this.getBaseDomain(channel.URI.host)) {

ph should be null for favicons, and so origin.
Furthermore, ctype == 2 means script and ctype == 4 means CSS, and this info comes from Gecko...

[al_9x]

This is in a new wave4 Hotmail, I take it you can't repro since you don't have it yet? You could wait till you get upgraded or if you want, give me some debug code to patch. It doesn't cause any problems, I only noticed it while investigating something else, but seems worth understanding.

[Giorgio Maone]

Can you consistently reproduce it?
Is that LINK element the only reference to that file?
I tried the running following URL on a whitelisted page, and the icon successfully changed (after some seconds, looks like the server is fairly overloaded) with no NoScript interference:

Code: Select all

javascript:var l=document.createElement("link");l.rel="icon";l.type="image/x-icon";l.href="http://gfx2.hotmail.com/mail/w4/m3/ltr/mfav.ico";document.getElementsByTagName("head")[0].appendChild(l);alert("done")

[al_9x]

Can you consistently reproduce it?

Yes, new profile, defaults.

Is that LINK element the only reference to that file?

There are (only) two. Both the root page (/default.aspx) and its iframe (/mail/InboxLight.aspx) have identical <link> lines. The one that's blocked is from /default.aspx. The icon still loads and is shown. The console log indicates that it's loaded twice and blocked once (request, response, block, request, response) A sniffer shows two requests.

However I can't repro on a simple test page with an iframe, both with icon <links>. There I get two requests and no block (request, response, request, cached response). The sniffer, due two the second cached response shows only one request. It seems likely to be timing sensitive.

[al_9x]

You should have new Hotmail now.

[therube]

("new Hotmail". Yeah, isn't that wonderful. Hotmail seems to think that SeaMonkey is some sort of portable device .)

[al_9x]

("new Hotmail". Yeah, isn't that wonderful. Hotmail seems to think that SeaMonkey is some sort of portable device .)

Can you repro the issue from this thread in Firefox? Open the inbox (do a shift-reload on the inbox just in case), open the error console, select messages, and see if you have something like:

[NoScript] Blocking cross site CSS served from http://gfx1.hotmail.com/mail/w4/m3/ltr/mfav.ico with wrong type info image/x-icon