Vivaldi.net has some JS that updates location.href, allowing a harmless little oddity with URLs
Isildur last edited by
Curious little quirk I just noticed: Go to [url=https://vivaldi.net/en-US/forum/modifications/14331-modding-vivaldi/#_________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________/../../../../../%69%6D%61%67%65%73%2F%61%6E%74%6F%6E%69%6F%2E%70%6E%67]this thread[/url]. After going to that thread, the page looks fine, but notice something funny about what the URL becomes? Hit your tab's Reload button and say hello to our fiery friend. It apparently happens because the site has some JS that updates document.href. I noticed this after someone else accidentally posted a link with a fragment identifier (the "anchor" part of a URL) containing a slash. It doesn't allow anything dangerous, so I guess it doesn't really matter much, as long as people use correct URLs.
Yes, only strange redirects can be done.
I pinged the Vivaldi webdev about this issue.