Closed Bug 1173831 Opened 6 years ago Closed 4 months ago
Location Bar Spoofing using fullscreen Mode, On
Click and On Touch Start event (can't exit the fullscreen mode)
Whiteboard: Same impact and same severity as bug1161367
Attachment #8621017 - Attachment mime type: application/zip → application/java-archive
If we don't store site fullscreen state, this should be a pretty easy fix (i.e. an Android dialog with a callback) - the hardest part is rounding up all of the fullscreen code to go through the same method to ensure the dialog is called everytime. Finkle, is there an existing place we can access and store site fullscreen settings (e.g. likely shared with desktop)?
(In reply to Michael Comella (:mcomella) from comment #1) > If we don't store site fullscreen state, this should be a pretty easy fix > (i.e. an Android dialog with a callback) - the hardest part is rounding up > all of the fullscreen code to go through the same method to ensure the > dialog is called everytime. > > Finkle, is there an existing place we can access and store site fullscreen > settings (e.g. likely shared with desktop)? Looks like the fullscreen permissions are regular nsIPermissionManager permissions: http://mxr.mozilla.org/mozilla-central/source/browser/base/content/browser-fullScreen.js#425 It looks like we never implemented this UI for Fennec, so you're right, we should do that.
Since I don't have many other pressing obligations...
Assignee: nobody → michael.l.comella
Status: UNCONFIRMED → NEW
Ever confirmed: true
I just noticed bug 1160017, which is removing this permission. I haven't read the details closely, but you should look into that to see how we can address this security issue without implementing the fullscreen permission UI.
(In reply to :Margaret Leibovic from comment #4) > I just noticed bug 1160017, which is removing this permission. I was linked to  for extra information for this bug. : http://people.mozilla.org/~mverdi/projects/fullscreen/
This is a user annoyance, not a security problem. Every time it pops back into fullscreen the floater announces that you've gone back (plus your Android status bar at the top gets covered). It will be clear to users that the site is playing games. This trick makes that tab useless, but depending on how you got there you can keep hitting the back button (without touching the page), or use the menu button to open a new tab, and from there get into the tab management pane and close the malicious one.
Going to unassign and nominate to see if we want to prioritize this, especially given comment 8.
Assignee: michael.l.comella → nobody
tracking-fennec: --- → ?
tracking-fennec: ? → -
Did we do anything to make this better? I don't get as stuck as I remember in the past -- the location bar comes back and if you can touch that you're in good shape. Then again maybe a malicious page could have interesting content and wait for you to scroll enough to get rid of the URL bar before going into trap-mode.
I didn't do anything at the time and I haven't been following fennec updates so I don't know. It's possible something changed with the photon toolbar updates. [triage] Not a security bug, non-critical.
Priority: -- → P3
We have completed our launch of our new Firefox on Android. The development of the new versions use GitHub for issue tracking. If the bug report still reproduces in a current version of [Firefox on Android nightly](https://play.google.com/store/apps/details?id=org.mozilla.fenix) an issue can be reported at the [Fenix GitHub project](https://github.com/mozilla-mobile/fenix/). If you want to discuss your report please use [Mozilla's chat](https://wiki.mozilla.org/Matrix#Connect_to_Matrix) server https://chat.mozilla.org and join the [#fenix](https://chat.mozilla.org/#/room/#fenix:mozilla.org) channel.
Status: NEW → RESOLVED
Closed: 4 months ago
Resolution: --- → INCOMPLETE
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in before you can comment on or make changes to this bug.