Closed
Bug 244766
Opened 20 years ago
Closed 20 years ago
windows opened as chrome can open popups
Categories
(SeaMonkey :: UI Design, defect)
SeaMonkey
UI Design
Tracking
(Not tracked)
VERIFIED
FIXED
mozilla1.7final
People
(Reporter: danm.moz, Assigned: jag+mozilla)
References
Details
(4 keywords, Whiteboard: [sg:fix])
Attachments
(1 file)
1.13 KB,
text/html
Chrome-level content is immune from popup blocking controls. Therefore adding the 'chrome' window.open feature (to be clear: not the same as a chrome:// URL; any window can do this) creates a window with unlimited popup capabilities. Is this really a security issue? Dunno. I'd like to not advertise the exploit, since it seems to have gone unnoticed so far.
Attachment #149359 -
Attachment mime type: text/plain → text/html
Comment 2•20 years ago
This is a small part of the problem that untrusted script can window.open("chrome") in the first place, which allows dialog spoofing very easily. That is now filed as bug 244965.
Depends on: 244965
Updated•20 years ago
Flags: blocking1.8a2?
Flags: blocking1.7?
Comment 3•20 years ago
What would we do to fix?
Don't need to do a thing. The latest patch (the fourth attachment) in bug 244965 will block this nicely. When remote chrome comes online we may have to revisit this.
Updated•20 years ago
Flags: blocking1.7+ → blocking1.7-
Comment 6•20 years ago
Not really an issue, now that we've blocked untrusted content from opening windows as chrome. Dan, do you want to close this?
Flags: blocking1.8a2?
Status: NEW → RESOLVED
Closed: 20 years ago
Keywords: fixed1.7
Resolution: --- → FIXED
Whiteboard: fixed-aviary1.0
Target Milestone: --- → mozilla1.7final
Comment 7•20 years ago
Adding Jon Granrose to CC list to help round up QA resources for verification.
Comment 8•20 years ago
Adding Tracy to verify on 1.7.
Comment 9•20 years ago
Verified; the demo now opens a large unchromed window.
Status: RESOLVED → VERIFIED
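The rule this bug converges on (the caller's trust level, not the features string, decides whether a window opens as chrome and so escapes popup blocking) can be modelled as below. This is an added example, not Mozilla source or any patch from bug 244965; `parseFeatures`, `resolveOpen` and `popupAllowed` are hypothetical names, and the features-string parsing is simplified.

```javascript
// Illustrative model only; not Mozilla code. All names are hypothetical.

// Parse a window.open() features string such as "chrome,width=400"
// into a Map of lower-cased name -> value. Simplified assumption:
// comma-separated items, and a bare name counts as "yes".
function parseFeatures(features) {
  const out = new Map();
  for (const item of String(features || "").split(",")) {
    const [name, value = "yes"] = item.split("=").map(s => s.trim().toLowerCase());
    if (name) out.set(name, value);
  }
  return out;
}

// Decide whether the new window gets chrome privileges.
// A request for "chrome" from an untrusted caller is dropped and the
// window opens as ordinary content with the remaining features.
function resolveOpen(features, callerIsChrome) {
  const parsed = parseFeatures(features);
  const asked = parsed.has("chrome") && !["no", "0"].includes(parsed.get("chrome"));
  if (asked && !callerIsChrome) parsed.delete("chrome");
  return {
    isChrome: asked && callerIsChrome,
    stripped: asked && !callerIsChrome, // worth logging: content asked for chrome
    features: [...parsed].map(([k, v]) => (v === "yes" ? k : `${k}=${v}`)).join(","),
  };
}

// Popup-blocking decision for a window: chrome-level windows are exempt,
// content windows need a user-initiated event.
function popupAllowed(win, userInitiated) {
  return win.isChrome || userInitiated;
}

// Constructed sample calls.
const untrusted = resolveOpen("chrome,width=800,height=600", false);
const trusted = resolveOpen("chrome,dialog", true);
console.log(untrusted, "popup without user action:", popupAllowed(untrusted, false));
console.log(trusted, "popup without user action:", popupAllowed(trusted, false));
```
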
Updated•20 years ago
Keywords: fixed1.7 → verified1.7
Updated•20 years ago
Whiteboard: fixed-aviary1.0 → [sg:fix]fixed-aviary1.0
Updated•20 years ago
Product: Core → Mozilla Application Suite
Updated•19 years ago