Closed Bug 1798219 Opened 2 years ago Closed 2 years ago

Run requestFullscreen and reuse window.open simultaneously in blocking event loop able to overlap fullscreen notification

Categories

(Core :: DOM: Core & HTML, defect, P2)

defect

Tracking

VERIFIED FIXED
113 Branch
Tracking Status
firefox-esr102 112+ verified
firefox111 --- wontfix
firefox112 --- verified
firefox113 --- verified

People

(Reporter: sourc7, Assigned: edgar)

References

Details

(Keywords: csectype-spoof, reporter-external, sec-moderate, Whiteboard: [fixed in bug 1814597][reporter-external] [client-bounty-form] [verif?][post-critsmash-triage][adv-main112+][adv-esr102.10+])

Attachments

(4 files, 1 obsolete file)

Attached file quicktestcase.html

While the event loop is busy, click a button to run requestFullscreen and click a button to re-launch window.open with the same windowName to gain focus; then, once the JS event loop is no longer busy, both functions will be executed simultaneously. Interestingly, the focused popup window is able to overlap the fullscreen notification toast.

For now I'm attaching a quick testcase to demonstrate that it can overlap the fullscreen notification; tested working on Linux (X11 and Wayland).

Tested on:

  • Firefox Nightly 108.0a1 (2022-10-30) (64-bit) on Arch Linux (X11 and Wayland)
  • Firefox Nightly 108.0a1 (2022-10-30) (64-bit) on Ubuntu 22.04.1 LTS (X11 and Wayland)
  • Firefox 106.0.1 (64-bit) on Arch Linux (X11 and Wayland)
  • Firefox 102.4.0esr (64-bit) on Arch Linux (X11 and Wayland)

Steps to reproduce:

  1. Open Firefox on Linux (X11 or Wayland)
  2. Visit attached quicktestcase.html
  3. Click "Launch Main Window"
  4. (On new main popup window)
  5. Click "Launch Spoof Window"
  6. Minimize the spoof window
  7. Click "Block Event Loop"
  8. (While the button and page are frozen)
  9. Click "requestFullscreen"
  10. Click "reFocus"
  11. After a few seconds the focused popup window will overlap the fullscreen notification toast
Flags: sec-bounty?
Group: firefox-core-security → dom-core-security
Component: Security → DOM: Core & HTML
Product: Firefox → Core
Severity: -- → S2
Priority: -- → P2

This is a lot of convoluted steps you'd have to elicit from the user. Clicks to get the popups are easy, but after the first popup won't they be a little suspicious? Why would they minimize the next popup? If it's in their way they would likely just close it, or maybe slide it off to the side.

In the end, though, it did successfully cover up the toast in your movie, leading to a fullscreen spoof (didn't seem to work on mac, though). I assume you could redraw the fullscreen page into something useful before the user sees it? Or does blocking the event loop prevent that?

Assignee: nobody → echen

Bug 1814597 should also fix this.

Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Group: dom-core-security → core-security-release
Target Milestone: --- → 113 Branch
Flags: sec-bounty? → sec-bounty+
Flags: qe-verify+
Whiteboard: [reporter-external] [client-bounty-form] [verif?] → [reporter-external] [client-bounty-form] [verif?][post-critsmash-triage]
Attached image reFocus.png

I have reproduced this issue using Firefox 108.0a1 (2022.10.30) on Ubuntu 22.
I can confirm this issue is fixed; I verified using Firefox 113.0a1 latest nightly (2023.03.30) and Firefox 112.0b8 on Ubuntu 22 that the "reFocus" window no longer overlaps the full-screen window. Verified on Windows 10 and on macOS 12 using Fx 113.0a1 latest nightly and Fx 112.0b8; here the "reFocus" button click behavior is different: at step 10, when I click the "reFocus" button, it behaves like exiting full screen and the "Example Domain" window appears behind the exited full-screen window, see the attached screenshot (reFocus.png).

Verified using Firefox 102.10.0esr build on Ubuntu 22, Windows 10 and macOS 12, it works as expected.

Status: RESOLVED → VERIFIED
Flags: qe-verify+
Whiteboard: [reporter-external] [client-bounty-form] [verif?][post-critsmash-triage] → [reporter-external] [client-bounty-form] [verif?][post-critsmash-triage][adv-main112+]
Attached file advisory.txt (obsolete)
Attached file advisory.txt
Attachment #9327538 - Attachment is obsolete: true
Whiteboard: [reporter-external] [client-bounty-form] [verif?][post-critsmash-triage][adv-main112+] → [fixed in bug 1814597][reporter-external] [client-bounty-form] [verif?][post-critsmash-triage][adv-main112+]
Whiteboard: [fixed in bug 1814597][reporter-external] [client-bounty-form] [verif?][post-critsmash-triage][adv-main112+] → [fixed in bug 1814597][reporter-external] [client-bounty-form] [verif?][post-critsmash-triage][adv-main112+][adv-esr102.10+]
Group: core-security-release