Closed Bug 263777 Opened 21 years ago Closed 21 years ago

Click handler bypasses pop-up blocker

Categories

(Core :: DOM: Core & HTML, defect)

x86
Windows 2000
defect
Not set
major

Tracking

()

RESOLVED WONTFIX

People

(Reporter: mnyromyr, Unassigned)

References

()

Details

(Whiteboard: [sg:nse])

Attachments

(1 file)

Specifying an onclick handler per onclick attribute or per addEventListener on document load allows bypassing the pop-up blocker. (First "exploits" of this are already out in the wild, the given URL opens an advertising pop-up when one of the book links is clicked, if cookies are blocked entirely. It hides this in a very obfuscated code mass.) Since totally banning onclick handlers isn't quite probable, I suspect more websites to start with a special front page saying "Click here to enter" and having a popup opening for every link... :( Although there are already "exploits" of this out there, I'm marking this bug as confidential. The word will get around fast enough without being visible here, I fear. :(
Attached file simple test case
Whiteboard: [sg:nse]
This is as designed, and it's not really a bug that's fixable either. Short of AI smarts to figure out what link clicks you want to enable popups from, there's not much we can do about this. Marking WONTFIX, and opening up, as this is not a security bug.
Group: security
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → WONTFIX
*** Bug 263870 has been marked as a duplicate of this bug. ***
*** Bug 282722 has been marked as a duplicate of this bug. ***
*** Bug 265186 has been marked as a duplicate of this bug. ***
*** Bug 283402 has been marked as a duplicate of this bug. ***
Component: DOM → DOM: Core & HTML