Closed Bug 1539757 Opened 5 years ago Closed 5 years ago

Tab prompt doesn't close when clicking cancel in some circumstances

Categories

(Toolkit :: UI Widgets, defect, P1)

Product:
Toolkit
Component:
UI Widgets
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla68
Tracking Flags:
Tracking Status
firefox-esr60 --- unaffected
firefox66 --- wontfix
firefox67 + fixed
firefox68 --- fixed

People

(Reporter: proof131072, Assigned: Gijs)

References

(Blocks 1 open bug, Regression)

Details

(Keywords: regression)

Attachments

(1 file)

Bug 1539757 - fix trying to initialize XBL bindings while the prompt is still hidden, r?bgrins
47 bytes, text/x-phabricator-request
pascalc
: approval-mozilla-beta+
Details | Review

Btw, just letting know that I already tell about this issue to the site owner.

It appears this is the problem when we load the script using svg with prompt box.

PoC:

<svg onload=prompt(document.domain)>
<svg onload=prompt(document.domain)>

http://pwning.click/ffsvg.php

I think this is just a bug rather than security issue.

Blocks: eviltraps
Group: firefox-core-security
Has STR: --- → yes

The tab prompt isn't closing correctly for some reason. I suspect bug 1512048...

Keywords: regression, regressionwindow-wanted

Tagging comment #0 as private because the site hasn't bothered fixing the trivial XSS hole...

Testcase: http://pwning.click/ffsvg.php

Blocks: 1512048
Status: UNCONFIRMED → NEW
Has Regression Range: --- → yes
Component: Untriaged → XUL Widgets
Ever confirmed: true
Keywords: regressionwindow-wanted
Product: Firefox → Toolkit
Summary: Continuous script execution even after user navigate to other site → Tab prompt doesn't close when clicking cancel in some circumstances

https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=4b3fc8b9128035c63821078328c73fbc525d1950&tochange=6dd228164d427b7b247e59e7d9d0251206dea83d

I guess I get to deal with this...

Assignee: nobody → gijskruitbosch+bugs
Status: NEW → ASSIGNED
Priority: -- → P1
Pushed by gijskruitbosch@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/de24b08ddc37
fix trying to initialize XBL bindings while the prompt is still hidden, r=bgrins

Backed out changeset de24b08ddc37 (bug 1539757) for causing browser_hidden_document_autofill.js, browser_httpauth.js, test_bug_627616.html to permafail

push that caused the backout: https://treeherder.mozilla.org/#/jobs?repo=autoland&resultStatus=testfailed%2Cbusted%2Cexception&classifiedState=unclassified&revision=de24b08ddc37fd7d3fd29c6b893713d5657269e6

failures: https://treeherder.mozilla.org/#/jobs?repo=autoland&resultStatus=testfailed%2Cbusted%2Cexception&classifiedState=unclassified&revision=de24b08ddc37fd7d3fd29c6b893713d5657269e6&selectedJob=237048782&searchStr=windows%2C10%2Cx64%2Cdebug%2Cmochitests%2Cwith%2Ce10s%2Ctest-windows10-64%2Fdebug-mochitest-browser-chrome-e10s-4%2Cm-e10s%28bc4%29

https://treeherder.mozilla.org/#/jobs?repo=autoland&resultStatus=testfailed%2Cbusted%2Cexception&classifiedState=unclassified&revision=de24b08ddc37fd7d3fd29c6b893713d5657269e6&selectedJob=237047750&searchStr=windows%2C10%2Cx64%2Casan%2Cmochitests%2Cwith%2Ce10s%2Ctest-windows10-64-asan%2Fopt-mochitest-browser-chrome-e10s-1%2Cm-e10s%28bc1%29

https://treeherder.mozilla.org/#/jobs?repo=autoland&resultStatus=testfailed%2Cbusted%2Cexception&classifiedState=unclassified&revision=de24b08ddc37fd7d3fd29c6b893713d5657269e6&selectedJob=237044446&searchStr=linux%2Cx64%2Cquantumrender%2Cdebug%2Cmochitests%2Cwith%2Ce10s%2Ctest-linux64-qr%2Fdebug-mochitest-e10s-15%2Cm-e10s%2815%29

https://treeherder.mozilla.org/#/jobs?repo=autoland&resultStatus=testfailed%2Cbusted%2Cexception&classifiedState=unclassified&revision=de24b08ddc37fd7d3fd29c6b893713d5657269e6&selectedJob=237046627&searchStr=windows%2C7%2Cdebug%2Cfirefox%2Cfunctional%2Ctests%2C%28remote%29%2Cwith%2Ce10s%2Ctest-windows7-32%2Fdebug-firefox-ui-functional-remote-e10s%2Cfxfn-r-e10s%28en-us%29

backout: https://hg.mozilla.org/integration/autoland/rev/12fa4d0520ad825314a552cdffb87297e8d83748

Flags: needinfo?(gijskruitbosch+bugs)
Flags: needinfo?(gijskruitbosch+bugs)
Pushed by gijskruitbosch@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/7c9d92502ec9
fix trying to initialize XBL bindings while the prompt is still hidden, r=bgrins

https://hg.mozilla.org/mozilla-central/rev/7c9d92502ec9

Status: ASSIGNED → RESOLVED
Closed: 5 years ago
status-firefox68: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla68

Comment on attachment 9054473 [details]
Bug 1539757 - fix trying to initialize XBL bindings while the prompt is still hidden, r?bgrins

Beta/Release Uplift Approval Request

  • Feature/Bug causing the regression: Bug 1512048
  • User impact if declined: Unclosable prompt dialogs
  • Is this code covered by automated tests?: Yes
  • Has the fix been verified in Nightly?: No
  • Needs manual test from QE?: No
  • If yes, steps to reproduce:
  • List of other uplifts needed: n/a
  • Risk to taking this patch: Low
  • Why is the change risky/not risky? (and alternatives if risky): This is a relatively small fix, with automated test coverage.
  • String changes made/needed: nope
Attachment #9054473 - Flags: approval-mozilla-beta?
No longer blocks: 1512048
Regressed by: 1512048

Comment on attachment 9054473 [details]
Bug 1539757 - fix trying to initialize XBL bindings while the prompt is still hidden, r?bgrins

P1 regression on XUL widgets, small fix with tests, approved for 66 beta 8, thanks.

Attachment #9054473 - Flags: approval-mozilla-beta? → approval-mozilla-beta+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: