STX Control Character Weirdness in Firefox
I ran into some bizarre issues a while ago that I couldn’t replicate and I couldn’t log because of the issue itself - which is that I couldn’t properly cut and paste the information out of a textarea. This evening I finally had a chance to run ethereal and dump the packets and after quite a bit of testing I found the real problem. STX control characters (0×02) cause some pretty random issues within Firefox both with cutting and pasting as well as viewing source. STX stands for start of text. Click here for the ASCII chart
After about 5 minutes messing around with bvi I was able to come up with a working example. Click here in Firefox to see the STX control character issue. Then try to cut and paste from the text area. Then view source. Then try to select all the text within the source. Not looking so good is it? It really feels like there may be more here, but without more tests it would be hard to isolate the problem.
I’m actually surprised I’ve never noticed this before during my tests with my fuzzer. Click here to find out more about control characters. Anyway, like I said, it’s weirdness. I’m not sure what other implications it may have but I’m eager to hear other people’s opinions.
December 6th, 2006 at 10:02 pm
I was able to cut and paste in Firefox 2.0 on Mac OS 10.4.8 without any noticeable problems.
December 6th, 2006 at 10:04 pm
OTOH, when I viewed source, the formatting was pretty screwed up. Not sure what that means other than the browser obviously doesn’t handle control characters gracefully.
December 6th, 2006 at 10:41 pm
Yah, I’m really not sure what that means other than the weirdness. I didn’t control-A control-C to cut, I used my mouse to highlight. Don’t know how you did that. Maybe it’s a Windows issue.
December 6th, 2006 at 11:05 pm
I could copy paste the source code fine (using ctrl-a or the mouse). Screenshot here:
http://img82.imageshack.us/img82/4185/screenshotnp3.png
When I tried selecting the contents of the textarea (using ctrl-a or mouse) I’d always end up with the following:
http://img82.imageshack.us/img82/5305/screenshot1hp1.png
I had actually noticed this before (at least I think it’s this), when decoding certain strings from base64 using this decoder: http://www.opinionatedgeek.com/dotnet/tools/Base64Decode/
December 6th, 2006 at 11:07 pm
I jus realised that on the first screenshot I posted the view source window doesn’t show the code as it should look, but, as you can see, it did copy correctly and when the source code wasn’t highlighted it all looked as it should.
December 7th, 2006 at 9:23 am
Interesting. Yours looks different than mine, slightly. Maybe it has different effects with different plugins or something.
December 7th, 2006 at 3:55 pm
Yeah i had the same issue a while back with javascript AES encryption, but it only flawed on my linux box, in winxp i had no problems.
still this rocks:
http://www.graphicsguru.com/asciifirefox.php
January 15th, 2007 at 5:52 am
At least on Windows the issue seems to be that text display treats STX as a visible character whereas caret and selection code treats it as an invisible one. Selecting text with the keyboard works though the caret isn’t where it should be. Anyway, this issue seems to be fixed in Firefox trunk nightlies (probably because of the major rewrite in the caret code).