180753 - It is possible to do a popup window that does not go away - if that can take the whole screen you need to kill Mozilla somehow or maybe even reboot

Status: RESOLVED WORKSFORME

(Core :: XUL, defect)

Description

[bsharma]

This bug is reported as the issue in the module review and jrgm asked me to make
a bug out of it.

Comment 1

[Stephen P. Morse]

Unless you tell how it is possible to do this, there's no meat in this bug
report and no way that anyone can fix it.  Also, is this just a
denial-of-service attack rather than a security attack and, if so, shouldn't we
open this report and probably mark it wont-fix.  There are many DOS scenarios I
can come up with that we know we won't/can't fix such as having a window open
another instance of itself in its onunload handler, or even having a script that
goes into an infinite loop of opening windows.

Comment 2

[Heikki Toivonen (remove -bugzilla when emailing directly)]

DoS attack so I won't object too much if this is going to become public.

We came up with this during a security review. I can't remember how such a
dialog can be made (maybe a popup menu that fills the screen?), but jag or some
other XUL expert should know.

We still want to fix DoS attacks as well (although they are not as urgent as
security fixes), so WONTFIX does not sound good.

Comment 3

[Heikki Toivonen (remove -bugzilla when emailing directly)]

Investigate whether <xul:window onclose="event.preventDefault();return true;"/>
(or is that return false?) can prevent the window from being closed.

jrgm, would you have some time to test that?

Comment 4

[Mitchell Stoltz (not reading bugmail)]

Reassigning to jrgm. John, can you write a testcase for this?

Comment 5

[Mitchell Stoltz (not reading bugmail)]

Just tried the test as described in comment 3, and it does not prevent the
window being closed. I'm marking this WFM.

Comment 6

[Daniel Veditz [:dveditz]]

Removing confidential flag from resolved WFM bugs