If a malicious site uses the view-source: protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making view-source: linkable.
If a malicious site uses the view-source: protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making view-source: linkable.
https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/#CVE-2017-5422 https://bugzilla.mozilla.org/show_bug.cgi?id=1295002