Open Bug 1372085 Opened 7 years ago Updated 2 years ago

Freezing browser via notifications API

Categories

(Core :: DOM: Core & HTML, defect, P2)

Product:
Core
Component:
DOM: Core & HTML
Type:
defect

Tracking

()

People

(Reporter: gfxsraul, Unassigned)

References

(Blocks 1 open bug)

Details

(Keywords: csectype-dos)

Attachments

(1 file)

Bug 1372085 - Cache notification permission requests on the window.
59 bytes, text/x-review-board-request
Details 
User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/51.0.2704.106 Chrome/51.0.2704.106 Safari/537.36
Firefox for Android

Steps to reproduce:

As a developer, by implementing the following JavaScript code in a page, a client's browser will be freezed instantly when opening that page. Simple solution: wait for an answer from the pop-up "ask for permission notification", if answer is "false" then re-enter while loop.

while(Notification.permission !== "granted") Notification.requestPermission();


Actual results:

Browser freezed instantly when opening a page containing that code


Expected results:

Press "allow button" - ok, nothing happens any more
Press "do not allow button" / "cancel" / "X" - re-enter while loop and pop-up appears again
Group: firefox-core-security → core-security
Component: Untriaged → DOM
Product: Firefox → Core
Group: core-security → dom-core-security
William, can you take a look?
Group: dom-core-security
Flags: needinfo?(wchen)
Keywords: csectype-dos
Flags: needinfo?(william) → needinfo?(mrbkap)
Blocks: eviltraps
Priority: -- → P2
With a bunch of patience, we actually do recover from this. I think we can do better though. I have a patch that fixes things for Notification, but we have a similar problem with geolocation and presumably persistent storage. In the case of geolocation, I was able to dismiss prompt but then content shutdown took too long and I had to kill it, presumably because we were leaking permission request objects. I'll see if I can generalize my patch to fix all of the permission request types at the same time.
Assignee: nobody → mrbkap
Flags: needinfo?(mrbkap)
(In reply to Blake Kaplan (:mrbkap) from comment #2)
> With a bunch of patience, we actually do recover from this. I think we can
> do better though. I have a patch that fixes things for Notification, but we
> have a similar problem with geolocation and presumably persistent storage.
> In the case of geolocation, I was able to dismiss prompt but then content
> shutdown took too long and I had to kill it, presumably because we were
> leaking permission request objects. I'll see if I can generalize my patch to
> fix all of the permission request types at the same time.

In case you got bogged down by other issues, would you mind posting a WIP so that whoever is interested could try to complete the bug? I wouldn't have time to do it at this point either, I just came across the bug again and figured that would be good. :)

Thanks!
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Flags: needinfo?(mrbkap)
The patch is what I had at the time. It would need to be generalized, but I was also wondering if it could be done entirely in JS instead of C++ (on the frontend side of things).
Flags: needinfo?(mrbkap)
Assignee: mrbkap → nobody
Status: ASSIGNED → NEW
Component: DOM → DOM: Core & HTML

It's back. The behavior is a little different but the repro is the same.

firefox 77.0.1 (64-bit) on osx.

Now it doesn't crash or freeze firefox right away. I get prompted to stop a slow page. When I press stop, pages get kind weird, new pages stop loading. Tabs are able to switch but stop responding. Eventually firefox appears to crash anyway.

Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: