Closed Bug 226962 Opened 21 years ago Closed 20 years ago

Popup blocker defeated by Tangozebra Toast Popup

Categories

(SeaMonkey :: UI Design, defect)

x86
Windows XP
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 176079

People

(Reporter: michael, Assigned: bugzilla)

References

()

Details

Attachments

(1 file)

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5) Gecko/20031007 Firebird/0.7
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5) Gecko/20031007 Firebird/0.7

By using tricky Javascript, this company defeated Firebird's built-in Pop-up
blocker.  

The script below creates a link to an external file containing javascript which
pops up a window:

<script type="text/javascript" language="Javascript1.1">
<!--
var tz_rnd = Math.random();
var tz_redirector_00001470 =
"http://ad.uk.doubleclick.net/click%3Bh=v2|3062|2|0|%2a|j%3B6535741%3B0-0%3B0%3B7076263%3B255-468|60%3B3760849|3778745|1%3B%3B%3f";
var tz_vc_00001470 =
"http://ad.uk.doubleclick.net/imp;v1;j;6535741;0-0;0;7076263;0|0;3760849|3778745|1;;cs=n%3f";
var tz_force_00001470=-1;
var tz_bit1 = "<scr";var tz_bit2 = "</";
var tz_tag = tz_bit1 + 'ipt language="javascript1.1" type="text/javascript" ';
tz_tag += 'src="http://ad.uk.tangozebra.com/a/aj/s/1470/1366;' + tz_rnd +
'?ad_mediabrokers.js';
tz_tag += '">' + tz_bit2 + 'script>';
document.write(tz_tag);
//-->
</script><script src="politics_files/1366.js" type="text/javascript"
language="javascript1.1"></script>
<noscript>
<img src='http://ad.uk.tangozebra.com/a/at/s_noscript/1470/1366;?' border='0'
width='1' height='1'></noscript><script
src="politics_files/c_mediabrokers_2252.js" type="text/javascript"
language="javascript1.1"></script><noscript><a
href="http://ad.uk.doubleclick.net/jump/scotsman.tmuk/news;tile=1;pos=top;sz=468x60;dcopt=ist;ord=20031127233651"
target="_blank"><img
src="http://ad.uk.doubleclick.net/ad/scotsman.tmuk/news;tile=1;pos=top;sz=468x60;dcopt=ist;ord=20031127233651"
width="468" height="60" alt="Advertisement" border="0"></a></noscript></td>



Reproducible: Always

Steps to Reproduce:
This file contains the output of Firebird's: File > Save As... > "Web Page,
Complete"
Same issue with Mozilla 1.5
Status: UNCONFIRMED → NEW
Component: General → JavaScript Engine
Ever confirmed: true
Product: Firebird → Browser
Version: unspecified → Trunk
Component: JavaScript Engine → XP Apps
Blocks: popups
Related/dupe of bug 187255? See testcase in that bug.
Shouldn't bugs like this be kept confidential? I don't think bugzilla should be
an easy place for spammers to find code that defeats Mozilla privacy/security
features.

Prog.
Product: Core → Mozilla Application Suite
The popup technology on scotsman.com is provided by Tangozebra
(http://www.tangozebra.com), their "Toast Popup" product seems responsible for
this issue.
Summary: Pop-up blocker defeated in specific cases → Popup blocker defeated by Tangozebra Toast Popup
The popup is opened by Flash, this is a dup of Bug 176079. The new pref
"privacy.popups.disable_from_plugins" successfully blocks this popup.

*** This bug has been marked as a duplicate of 176079 ***
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: