Closed
Bug 1364962
Opened 7 years ago
Closed 7 years ago
You can spam popups and make firefox crash and unresponsive
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 675574
People
(Reporter: loofer, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: csectype-dos)
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0 Build ID: 20170504105526 Steps to reproduce: I did a short JavaScript script in html page which opens endless amount of popups. Actual results: It opened endless popups and you can close them only with task manager, firefox becomes laggy and it continues to open pages even when there is no internet connection. Expected results: It should ask me before every popup if I want to open it or at least detect that it's endless and warn me.
JS Code for example: while(1==1) window.open("index.html","_blank","toolbar=yes,scrollbars=no,resizable=no,top=0,left=-100000,width=10,height=10"); } Website for testing: http://www.meshiman.tk
Updated•7 years ago
|
Component: Security → DOM
Comment 2•7 years ago
|
||
DUPEME to the bug that says we should limit the number of window.open() calls allowed per user-click. Chrome limits to 1 I believe, but some other small number might be reasonable if legit sites pop open two or three (unlikely, these days).
Blocks: eviltraps
Group: core-security
Updated•7 years ago
|
Keywords: csectype-dos
Comment 3•7 years ago
|
||
(In reply to Daniel Veditz [:dveditz] from comment #2) > DUPEME to the bug that says we should limit the number of window.open() > calls allowed per user-click. Chrome limits to 1 I believe, but some other > small number might be reasonable if legit sites pop open two or three > (unlikely, these days). I'm closing this as a dup. of bug 675574. Feel free to reopen, if I was reading the comment above wrong.
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
Assignee | ||
Updated•5 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•