Closed Bug 1425402 Opened 6 years ago Closed 6 years ago

Modal popups are constantly exploited by malicious sites

Categories

(Firefox :: Security, defect)

Product:
Firefox
Component:
Security
Version:
57 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 432687

People

(Reporter: netmosfera, Unassigned)

Details

(Keywords: steps-wanted) 

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Build ID: 20171206182557

Steps to reproduce:

Firefox really needs to do something in regard. Modal popups of ANY kind (http login window, onunload, confirm resend post data, others?) are used by malicious sites to paralyze the entire browser in order to force the user to perform an action, like installing untrustworthy programs/extensions.

Every time this happens I am forced to terminate the process from the task manager, because if a modal is active I cannot terminate the tab, I cannot switch to another tab, I can't even close the browser unless I'm doing it from the task manager.

This kind of stuff exists anywhere on the internet and you can't avoid. A seemingly legit link on facebook or twitter that captures your curiosity and sbaam, you got your entire browser trapped in that **** with no way out. Please fix it.


Actual results:

Browser paralyzed.


Expected results:

I should be able to terminate the tab even if a modal is active on that tab.
Component: Untriaged → Security
Keywords: steps-wanted
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.