Closed
Bug 1373353
Opened 7 years ago
Closed 7 years ago
Web page loads basic auth login prompt, starts playing audio about adware/spyware/virus, unable to close tab
Categories
(Core :: DOM: Security, defect)
Core
DOM: Security
Tracking
()
RESOLVED
DUPLICATE
of bug 613785
People
(Reporter: gps, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: csectype-dos, sec-low)
Somehow the following page loaded in my Nightly: http://13-554x0001x0-virus.com/en/?id=KzEgKDg4OCkgNzUzLTE2NDc Unless you really want poke at it, I advise not clicking the link and watching https://youtu.be/xvEkuS__bfI instead. It displayed what looked like a Windows Defender warning box. It started playing audio telling me my machine was infected and to call a number. Page also features an emulated pointer that moves randomly around the screen. At first I thought it was actually overriding mouse inputs! It also opens a basic auth login prompt that steels focus so you can't click the X in the tab bar to close the tab nor use keyboard shortcuts for closing the tab. You have to click cancel in the basic auth prompt multiple times before you are allowed to interact with the Firefox chrome to nuke the tab. And to top it off, attempting to close opens a new tab and reloads the page. This is without question the most annoying web experience I've had in several years. I'd like to think my user agent would put me in more control in situations like this. By contrast, Chrome exhibits most of the same behavior. However you are able to close the tab with the basic auth prompt active and the page doesn't reopen on tab close. Not sure where to begin with bug reports. So filing in Firefox :: General and CCing dveditz.
Comment 1•7 years ago
|
||
Wow, that is obnoxious. Any idea what lead to that page load?
Updated•7 years ago
|
Blocks: eviltraps
Keywords: csectype-dos,
sec-low
Comment 3•7 years ago
|
||
Wennie, this seems interesting to fix. Can you figure out where it goes, please?
Flags: needinfo?(wleung)
Hi Jonathan, please take a look at this bug.
Flags: needinfo?(wleung) → needinfo?(jkt)
Reporter | ||
Comment 5•7 years ago
|
||
(In reply to Jeff Bryner [:jeff] (use NEEDINFO) from comment #1) > Wow, that is obnoxious. Any idea what lead to that page load? I landed on a non-mainstream news site following a Google search. I suspect this badness got loaded through an ad somehow, as the site was full of ads.
Updated•7 years ago
|
Component: General → DOM: Security
Product: Firefox → Core
Comment 6•7 years ago
|
||
bug 613785 (tab-modal auth prompts) would go a long way to making this better, or at least chrome-equivalent. Most of the other tricks are covered by other dependencies of the "eviltraps" bug.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
Comment 7•7 years ago
|
||
Clearing ni. This likely needs UX to work on the tab modal/doorhanger for Bug 613785, Wennie we might want to put some resource on deciding how it should look.
Flags: needinfo?(jkt)
You need to log in
before you can comment on or make changes to this bug.
Description
•