Open Bug 1922417 Opened 1 year ago Updated 10 months ago

Prevent users from exiting full-screen mode while `Open in app` dialog is active in Firefox for Android

Categories

(Firefox for Android :: Browser Engine, defect, P3)

UNCONFIRMED

People

(Reporter: Puf, Unassigned)

Details

(Keywords: reporter-external, Whiteboard: [client-bounty-form])

Attachments

(1 file)

Prevent users from exiting full-screen mode while Open in app dialog is active in Firefox for Android
The user is not able to know that they actually exited fullscreen, because pressing Back does not work in Android, which allows an attacker to spoof the entire screen with attacker-spoofed content using the Open in app dialog.
While the Open in app dialog shows, it does not exit fullscreen mode in Android. Pressing Back does not work while the Open in app dialog is active.

I have attached a video reproducing the attack.
Unlisted Link: https://youtube.com/shorts/n9wKi6ben5Y

To Reproduce

  1. Open Pufindex.html
  2. Tap on the Open button
  3. The dialog shows and, in the background, fullscreen mode is entered
  4. The user tries to press Back to exit fullscreen; it does not exit fullscreen
  5. Click on [Cancel] in the dialog > shows spoofed page

Version:
Vivo V2231
Android Version: 14

Flags: sec-bounty?

Was there supposed to be a pufindex.html attachment?

Flags: needinfo?(pufind1an)

Fixing Possibilities

  1. The dialog shows first and, second, fullscreen mode is entered in the background > while the dialog is active it should not enter fullscreen mode

Attached file PufIndex.html

Sorry, attached Pufindex.html PoC.

Flags: needinfo?(pufind1an)
Group: firefox-core-security → mobile-core-security
Component: Security → General
Product: Firefox → Fenix

This may be unfortunate UI interaction, but it's not a security bug. Full screen was announced, the modal dialog is modal, and after it's gone you can deal with the full screen stuff.

Group: mobile-core-security

Full screen was announced, but the back press does not work; there is an issue here.

I think it's possible to fix: when the Open in app dialog is shown/active, automatically exit fullscreen (or) exit fullscreen if the user presses the Back button.

I hope you will reconsider this as low sev to keep this bug on the safe side.

Flags: needinfo?(dveditz)

I have reported a similar vulnerability which prevents users from exiting fullscreen in Windows: the (Esc) key does not work. The full screen notification was announced too.
Ref: https://issues.chromium.org/issues/40067914 = Restricted
Fixing solution: switch out of fullscreen (or) exit fullscreen before showing additional dialog-like UI

Thank you

In this case you are not secretly preventing the user from exiting fullscreen. The rather obvious modal dialog is preventing the user from exiting fullscreen. This is different from a generic "lock the user into fullscreen" type bug.

Yeah, it's not a great user experience, and your proposal in comment 6 might be one way to make it better. It's worth tracking as a bug, but none of us thought this amounted to a spoof that needed to be hidden.

Flags: needinfo?(dveditz)

The severity field is not set for this bug.
:amejia, could you have a look please?

For more information, please visit BugBot documentation.

Flags: needinfo?(amejiamarmol)
Severity: -- → S3
Flags: needinfo?(amejiamarmol)
Priority: -- → P3
Flags: sec-bounty? → sec-bounty-

The Bugbug bot thinks this bug should belong to the 'Fenix::Browser Engine' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.

Component: General → Browser Engine