Exit fullscreen after Window resizeBy() or resizeTo()
Categories: Core :: DOM: Core & HTML, task
People: Reporter: edgar, Assigned: edgar
Details: 4 keywords, Whiteboard: [reporter-external] [client-bounty-form] [verif?][sec-survey][post-critsmash-triage][adv-main98+][adv-esr91.7+]
Attachments (4 files, 1 obsolete file):
- 48 bytes, text/x-phabricator-request | RyanVM: approval-mozilla-beta-, RyanVM: approval-mozilla-esr91+, tjr: sec-approval+
- 48 bytes, text/x-phabricator-request | RyanVM: approval-mozilla-beta-, RyanVM: approval-mozilla-esr91+, tjr: sec-approval+
- 48 bytes, text/x-phabricator-request | RyanVM: approval-mozilla-beta-, RyanVM: approval-mozilla-esr91+, tjr: sec-approval+
- 177 bytes, text/plain
Split off from https://bugzilla.mozilla.org/show_bug.cgi?id=1740389#c7.
Comment 1•3 years ago (Assignee)
On each platform, if the popup window is in maximum sizemode and a script tries to resize the window, the popup window would exit the maximum mode to resize, so I think it also makes sense that the fullscreen window exits fullscreen mode to resize, for consistency.
Comment 2•3 years ago (Assignee)
Comment 3•3 years ago (Assignee)
Depends on D133734
Comment 4•3 years ago (Assignee)
Hmm, I am still working on a patch for the Windows platform; the Windows platform behaves a bit differently than the others.
Comment 5•3 years ago (Assignee)
Depends on D133735
Comment 6•3 years ago
Status update - patch under review, need to address some comments
Comment 7•3 years ago
Comment 8•3 years ago (Assignee)
Comment on attachment 9255216 [details]
Bug 1742421 - Part 1: [widget/gtk] Exit fullscreen when changing sizemode;
Security Approval Request
- How easily could an exploit be constructed based on the patch?: Might be easy to know there are bugs around fullscreen and size mode change, but need to resize the window before the notification is shown and also need to resize the window to very wide to hide the fullscreen notification
- Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?: No
- Which older supported branches are affected by this flaw?: All
- If not all supported branches, which bug introduced the flaw?: None
- Do you have backports for the affected branches?: Yes
- If not, how different, hard to create, and risky will they be?: Should be easy to create
- How likely is this patch to cause regressions; how much testing does it need?: Unlikely, the changes are straightforward and have been tested manually, we have a lot of fullscreen tests and will also add one in bug 1745915 for this change
Comment 9•3 years ago
Comment on attachment 9255216 [details]
Bug 1742421 - Part 1: [widget/gtk] Exit fullscreen when changing sizemode;
Approved to land and request uplift
Comment 10•3 years ago
Comment on attachment 9255217 [details]
Bug 1742421 - Part 2: [widget/cocoa] Exit fullscreen when changing sizemode;
Approved to land and request uplift
Comment 11•3 years ago
Comment on attachment 9258481 [details]
Bug 1742421 - Part 3: [widget/windows] Exit fullscreen when changing sizemode;
Approved to land and request uplift
Comment 12•3 years ago
Part 1: [widget/gtk] Exit fullscreen when changing sizemode; r=stransky
https://hg.mozilla.org/integration/autoland/rev/8131fb235ef4f52bec8f5fadc0f8f62d147ffd0c
https://hg.mozilla.org/mozilla-central/rev/8131fb235ef4
Part 2: [widget/cocoa] Exit fullscreen when changing sizemode; r=mac-reviewers,mstange
https://hg.mozilla.org/integration/autoland/rev/945f4f4097e41d287193b607b53f60e13b98f575
https://hg.mozilla.org/mozilla-central/rev/945f4f4097e4
Part 3: [widget/windows] Exit fullscreen when changing sizemode; r=mhowell,edgar
https://hg.mozilla.org/integration/autoland/rev/75ac5875c5e3d12ebb414650ccf53f48d8ee01a6
https://hg.mozilla.org/mozilla-central/rev/75ac5875c5e3
fix lint failures. r=fix
https://hg.mozilla.org/integration/autoland/rev/9dc5214f65960a5f0cf24d490c3fe90330ceb25f
https://hg.mozilla.org/mozilla-central/rev/9dc5214f6596
Comment 13•3 years ago
As part of a security bug pattern analysis, we are requesting your help with a high level analysis of this bug. It is our hope to develop static analysis (or potentially runtime/dynamic analysis) in the future to identify classes of bugs.
Please visit this google form to reply.
Comment 14•3 years ago
Please nominate this for Beta & ESR approval when you get a chance.
Comment 15•3 years ago (Assignee)
Comment on attachment 9255216 [details]
Bug 1742421 - Part 1: [widget/gtk] Exit fullscreen when changing sizemode;
Beta/Release Uplift Approval Request
- User impact if declined: Fullscreen notification could be hidden if a page tries to resize the window during the fullscreen transition.
- Is this code covered by automated tests?: No
- Has the fix been verified in Nightly?: Yes
- Needs manual test from QE?: Yes
- If yes, steps to reproduce:
  1. Visit test attached in https://bugzilla.mozilla.org/show_bug.cgi?id=1740389#c4
  2. Click "Launch" button
  3. Tap anywhere on the popup page
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): The risk should be low, the changes are straightforward and only affect when the sizemode changes during fullscreen. There is some refactoring on the Windows platform but the changes are unlikely to cause regressions.
- String changes made/needed: None
ESR Uplift Approval Request
- If this is not a sec:{high,crit} bug, please state case for ESR consideration: This is a sec-high bug.
- User impact if declined: Fullscreen notification could be hidden if a page tries to resize the window during the fullscreen transition.
- Fix Landed on Version: 97
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): The risk should be low, the changes are straightforward and only affect when the sizemode changes during fullscreen. There is some refactoring on the Windows platform but the changes are unlikely to cause regressions.
Comment 16•3 years ago (Assignee)
Comment on attachment 9255217 [details]
Bug 1742421 - Part 2: [widget/cocoa] Exit fullscreen when changing sizemode;
ESR Uplift Approval Request
- If this is not a sec:{high,crit} bug, please state case for ESR consideration: This is a sec-high bug.
- User impact if declined: Fullscreen notification could be hidden if a page tries to resize the window during the fullscreen transition.
- Fix Landed on Version: 97
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): The risk should be low, the changes are straightforward and only affect when the sizemode changes during fullscreen. There is some refactoring on the Windows platform but the changes are unlikely to cause regressions.
Comment 17•2 years ago
Per Slack discussion with Chris and Tom, this needs to bake another cycle before we uplift.
Comment 18•2 years ago
(In reply to Edgar Chen [:edgar] (away ~ 02/25) from comment #15)
> - If yes, steps to reproduce:
>   1. Visit test attached in https://bugzilla.mozilla.org/show_bug.cgi?id=1740389#c4
>   2. Click "Launch" button
>   3. Tap anywhere on the popup page
I reproduced the issue using an old Nightly build from 2021-11-22, and verified using the latest Nightly across platforms (Windows 10, macOS 11.6 and Ubuntu 18.04) that the window enters full screen and exits right away.
One thing I noticed is that the pop-up window does not resize to its original size; it covers all the screen and on Windows it is wider than the screen. Noticed that on other browsers that particular window resizes to its original size. Is this something we can be concerned about?
Comment 19•2 years ago
Edgar is still away for a while.
Chris, you reviewed the patch on Windows widget side
Can you follow up with comment 18 please?
Comment 20•2 years ago
From my perspective, there isn't any exploit based on the behavior mentioned in Comment 18, which means that maybe we want to fix it, but it would be a lower-priority UX enhancement and not a sec bug.
But I don't think I'm qualified to really say that there aren't some security implications to it. Maybe I can rope Daniel Veditz in here and he might be able to say with some confidence whether or not this is a potential security issue?
Comment 21•2 years ago
That sure seems like a bug, but I also see that behavior in Firefox Release after I manually press ESC to leave fullscreen on this testcase. Doesn't seem to be a side-effect of this particular fix. We should file a spec-compliance/compatibility bug on it if there isn't one already, but I can't think of any benefit this would give an attacker. They could already resizeTo() themselves into this state without going through fullscreen.
Comment 22•2 years ago
Thanks, in that case I'll mark this as verified on 98.
Comment 23•2 years ago
Comment on attachment 9255216 [details]
Bug 1742421 - Part 1: [widget/gtk] Exit fullscreen when changing sizemode;
Approved for 91.7esr.
Comment 24•2 years ago
uplift
Comment 25•2 years ago
Also verified fixed on esr91 across platforms (Windows 10, Ubuntu 18.04 and macOS 11.6) using build https://treeherder.mozilla.org/jobs?repo=mozilla-esr91&revision=6214d2494910e47c3836379b9538f1b8cffc09ca from treeherder.
Comment 26•2 years ago