Closed
Bug 270867
Opened 20 years ago
Closed 17 years ago
popup blocker fails to block popup (PayPopup.com)
Categories
(Firefox :: General, defect)
Firefox
General
Tracking
()
RESOLVED
DUPLICATE
of bug 212163
People
(Reporter: maacruz, Unassigned)
References
()
Details
Attachments
(2 files)
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.2) (KHTML, like Gecko) Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041109 Firefox/1.0 When the page at http://ngemu.com/ starts, the popup is catched, but if you click on one of the console's links, a popup opens. Tested with mozilla 1.6 too. Reproducible: Always Steps to Reproduce: 1.Open http://ngemu.com/ with firefox 2.Once the page is loaded (popup has been blocked), click on a console link (i.e. dreamcast) 3.Popup will open at the right lower corner of the screen Actual Results: Popup opens Expected Results: Popup blocked Javascript code in the page: <script language="JavaScript"> function Fullsize(adress, iwidth, iheight) { var newurl = '' + adress; var params = 'toolbars=0, scrollbars=0, location=0, statusbars=0, ' + 'width=' + iwidth+ ', height=' + iheight + ' menubars=0, resizable=0, left=0, top=0'; newwindow=window.open(newurl, 'fullimg', params); } //--> </script> <SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript"> <!-- function getto(form, i) { var site = form.elements[i].selectedIndex; if ( site >= 0 ) { top.location = form.elements[i].options[site].value; } } // --> </SCRIPT> <!-- PayPopup.com Popup Blocker Detector Begin --> <script> var PB = false; function failed() {PB=true;} var firstPop = window.open("about:blank","paypopuptest","width=1,height=1,left=5000,top=5000",true); window.onerror=failed var secondPop = window.open("about:blank","paypopuptest","width=1,height=1"); if(firstPop == secondPop) PB=false; else PB=true; firstPop.blur(); firstPop.close(); window.onerror=null; </script> <!-- PayPopup.com Popup Blocker Detector End --> <!-- PayPopup.com Advertising Code Begin --> <script language="JavaScript"> var paypopup_clicked = false; function gopaypopup(){ if(paypopup_clicked==false){ paypopup_clicked=true; paypopup(); } } if (PB) { //Pop-Under Code Here document.write('<SCRI'+'PT LANGUAGE="JavaScript1.1" '); document.write(' SRC="http://www.PayPopup.com/popup.php?id=Bobbi&pop=enter&t=5&subid=7130">'); document.write('</SCR'+'IPT>'); //Pop-Under Code End dl = document.links; for (i=0; i< dl.length; i++) { if (dl[i].onclick==null && dl[i].target==""){ dl[i].onclick = gopaypopup; } } }else{ //Pop-Under Code Here document.write('<SCRI'+'PT LANGUAGE="JavaScript1.1" '); document.write(' SRC="http://www.PayPopup.com/popup.php?id=Bobbi&pop=enter&t=5&subid=7130">'); document.write('</SCR'+'IPT>'); //Pop-Under Code End } </SCRIPT> <!-- PayPopup.com Advertising Code End --> Popup code: <HTML> <HEAD> <TITLE>Advertising_Loading_Window...</TITLE> <script language="JavaScript"> <!-- GoHideMe(); function gopopup(){ delCookie(); var popURL= "http://www1.paypopup.com/links.php?id=Bobbi&pk=&subid=7130&tid=w3119u251751&ref=aHR0cDovL25nZW11LmNvbS9nYmEv&pip=&ip=&22222=1"; self.location = popURL; self.blur(); } function GoHideMe(){ self.blur(); self.moveTo(10000,10000); self.resizeTo(1,1); self.blur(); if (navigator.appName=="Netscape") { if(window.opener){ window.opener.focus(); } } } function delCookie(){ document.cookie="active=0;"; } function ReadCookie(cookieName) { var theCookie=""+document.cookie; var ind=theCookie.indexOf(cookieName); if (ind==-1 || cookieName=="") return ""; var ind1=theCookie.indexOf(';',ind); if (ind1==-1) ind1=theCookie.length; return unescape(theCookie.substring(ind+cookieName.length+1,ind1)); } //close the window if (ReadCookie("popupnum") > 4 || ReadCookie("active") == 1 ){ self.close(); } document.cookie = "active=1"; //read the popup cookie var popupnum = ReadCookie("popupnum"); if (popupnum == ""){ document.cookie = "popupnum=1"; } window.setTimeout("gopopup();", 5000); // --> </script> </HEAD> <BODY onFocus="GoHideMe();" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#800080" onUnload="delCookie();"> <small>Advertising Loading Window, Powered by <a href="http://paypopup.com" target=_blank>paypopup.com</a></small><br> <img src="http://test.yesadvertising.com/links.php?aid=12&pid=1005&cid=1308&lid=1" width=1 height=1> </BODY> </HTML>
Comment 1•20 years ago
|
||
just tried this... popup gets closed. I'm using Firefox 1.0 on windows. You can safely close this bug.
Comment 2•20 years ago
|
||
(In reply to comment #1) > just tried this... popup gets closed. I'm using Firefox 1.0 on windows. > You can safely close this bug. sorry i was wrong, it actually took some time for the popup to open, so i didn't notice it. I think there should be a unique bugreport for all the problems with popup blocking not working, so maybe this should be merged with #253831
Comment 3•20 years ago
|
||
I've been using Firefox for about 2 months now, without any sign of popups till 3 days ago. It doesn't matter what site I go to, same behavior : page opens fine, sometimes with a notice that popup was blocked; but, for at least the first click, on any console/banner links, a popup occurs. I don't know how to look at the popup's source (CNTL-U doesn't work), but I suspect that the problem is a hiole in firefox code, exploited by client side code. The primary reason for this is that these popups are occuring from my own web site, but only when using one of my PCs, an XP, running SP2. My daughter indiscrimanently surfs the web, and my step son openly accesses sex sites (he's moving out soon for it too), so perhaps they are picking up spyware that exploits a weakness in firefox code. Are there any Windows firewall settings that I should check?
Comment 4•20 years ago
|
||
this bug also happens with mozilla suite runnig in linux. steps to reproduce: 1- in a recent linux distro, download latest nightly build (i'm using Mozilla 1.8a6 Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8a6) Gecko/20050101) 2- access http://www.animetorrents.com. two popups will be blocked, one ath the begging other at the end of the loading proccess. 3- keep open some task/window list (in windowmaker click with the midle button in an empty desktop space, in KDE/Gnome keep an eye in the task bar) and click in "Bittorrent Downloads" 4- a very small window will apear at the lower left side of the desktop, then grow to fill the screen. software used: - Debian GNU/linux unstable (SID) - Windowmaker 0.9.1 - Mozilla suite - Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8a6) Gecko/20050101 Javascript found in http://www.animetorrents.com: at the begining of the page: <!-- PayPopup.com Popup Blocker Detector Begin --> <script> var PB = false; function failed() {PB=true;} var firstPop = window.open("","paypopuptest","width=1,height=1,left=5000,top=5000",true); window.onerror=failed var secondPop = window.open("","paypopuptest","width=1,height=1"); if(firstPop == secondPop) PB=false; else PB=true; firstPop.blur(); firstPop.close(); window.onerror=null; </script> <!-- PayPopup.com Popup Blocker Detector End --> At the end of the page: <!-- PayPopup.com Advertising Code End --> <SCRIPT LANGUAGE="JavaScript1.1"> var paypopup_clicked = false; function gopaypopup(){ if(paypopup_clicked==false){ paypopup_clicked=true; paypopup(); } } if (PB) { //Pop-Under Code Here document.write('<SCRI'+'PT LANGUAGE="JavaScript1.1" '); document.write(' SRC="http://www.PayPopup.com/popup.php?id=Sarke&pop=enter&t=5&subid=8214">'); document.write('</SCR'+'IPT>'); //Pop-Under Code End dl = document.links; for (i=0; i< dl.length; i++) { if (dl[i].onclick==null && dl[i].target==""){ dl[i].onclick = gopaypopup; } } }else{ //Pop-Under Code Here document.write('<SCRI'+'PT LANGUAGE="JavaScript1.1" '); document.write(' SRC="http://www.PayPopup.com/popup.php?id=Sarke&pop=enter&t=5&subid=8214">'); document.write('</SCR'+'IPT>'); //Pop-Under Code End } </script> <!-- PayPopup.com Advertising Code End --> I'm not a javascript expert, but i believe the mangled '<SCRI'+'PT LANGUAGE="JavaScript1.1" ' is used to load http://www2.paypopup.com/popup.php?id=Sarke&pop=enter&t=5&subid=8214&blk=1 wich then does the "magic", so i believe the later URL should be checked, specially this part wich I believe is the one that intercepts mouse clicks on links: function paypopup(){ if (!poped) { if(!usingXPSP2) { popwin=window.open(paypopupURL,'Ads1104679600','scrollbars=1,resizable=1,menubar=1,location=1,top=10000,left=10000,width=1,height=1'); var popV2="scrollbars=1,resizable=1,menubar=1,location=1,top=10000,left=10000,width=1,height=1"; if(!popwin) { window.showModelessDialog("javascript:function er(){return true;} window.onerror = er; function p(){setTimeout(\"window.open('"+paypopupURL+"','1104679600', '"+popV2+"', true); self.close();\",100);} p();","","dialogtop=2999; dialogleft=2999; dialogheight:0px; dialogWidth:0px; status:no; help:no"); } else { popwin.blur(); } self.focus(); poped = true; } else { if (window.Event) document.captureEvents(Event.CLICK); document.onclick = gopop; self.focus(); } } }
Comment 5•20 years ago
|
||
When using FireFox 1.0 on Mac OS/X visiting http://www.usagreetings.com/, popups were not blocked. (If it means anything, the Mac install of FireFox originally has a pre-release of 1.0 installed, but was upgraded.) I was unable to reproduce this on a Windows machine with the same version of FireFox, although the Windows machine has Adblock installed.
Comment 6•20 years ago
|
||
I also get the popups, using Firefox 1.0 (Mozilla/5.0 (Windows; U; Win 9x 4.90; es-AR; rv:1.7.5) Gecko/20041108 Firefox/1.0). But the weird thing, is after getting the popups (4 in total, for ngemu.com), Firefox hangs by about 30 seconds with 100% CPU usage, on a Celeron 700, with 112MB of RAM, and WinMe with ALL latest security patches applied. It seems that PayPopup.com is using a more aggresive popup system, making the sites almost un-browse-able, AND FORCING THE USERS TO SEE THE DAMN POPUPS!. Firefox is fooled this time, and in a very "dirt" way.
Comment 7•20 years ago
|
||
Please try moving or deleting the firefox directory from your home directory and starting from scratch -- or re-importing your preferences from mozilla. This completely solved the popup problem for me. There seem to be some important issues when using a new version of firefox with your old preferences file.
It doesn't matter what version of Firefox is being used. I just installed the latest build and erased my entire profile, but despite all that trouble it still works. Oddly enough, Internet Explorer running under Windows XP with the SP2 upgrade actually blocks the pop-up. Unlike the onClick() pop-ups that are starting to show up, this uses another kind of exploit that starts as soon as the mouse clicks somewhere, then sets up a timer of sorts to continue popping up windows safely.
Another example of this can be seen at http://www.vgmuseum.com/ where clicking on most links loads a frame and the main window launches some script that presents the popups. The script comes from http://www.PayPopup.com/popup.php?id=ztnet&pop=enter&t=5&subid=8295&blk=1 and appears to just sniff your useragent and perform different events based on what it finds. document.cookie = 'oneinone=yes'; function blockError(){ return true; } window.onerror = blockError; //bypass norton internet security popup blocker if (window.SymRealWinOpen){ window.open = SymRealWinOpen; } if (window.NS_ActualOpen) { window.open = NS_ActualOpen; } var paypopupURL = "http://www6.paypopup.com/loading.php?id=ztnet&pop=exit&t=&subid=&tid=1108409135&pip=24.58.21.178"+"&ref="+escape(self.location); var usingClick = false; var popwin = null; var poped = false; function gopop() { if (!poped) { popwin = window.open(paypopupURL,'Ads1108409135','scrollbars=1,resizable=1,menubar=1,location=1,top=10000,left=10000,width=1,height=1'); poped = true; self.focus(); } } function paypopup(){ if (!poped) { if(!usingClick) { popwin = window.open(paypopupURL,'Ads1108409135','scrollbars=1,resizable=1,menubar=1,location=1,top=10000,left=10000,width=1,height=1'); self.focus(); if (popwin) { poped = true; } } } if (!poped) { if (window.Event) document.captureEvents(Event.CLICK); document.onclick = gopop; self.focus(); } } function version() { usingClick = ((window.navigator.userAgent.indexOf("SV1") != -1) || (window.navigator.userAgent.indexOf("Opera") != -1) || (window.navigator.userAgent.indexOf("Firefox") != -1)); } version(); if(!usingClick) { onunload = paypopup; } else { if (window.Event) document.captureEvents(Event.CLICK); document.onclick = gopop; } self.focus();
Comment 10•20 years ago
|
||
I've found another site that exploits this bug: http://www.w3schools.com/css/css_positioning.asp While LEFT-clicking opens the pop-up, MIDDLE-clicking (to open in a new tab) does not work. However, it's fairly evident that this bug will soon get out of control, considering how well-known it is. I've seen Bugzilla reports over a year old describing this bug, and unfortunately many have been marked with a "will-not-fix" status. To be frank, this is unacceptable, especially since Internet Explorer SP2 blocks the pop-ups (pop-ups are eventually made using another IE-specific exploit, but that's beyond the point). Here's my suggestion: let's say an event is triggered when a link (the "A" tag) is clicked. If that "A" tag contains an HREF parameter that points to another web site, it should block the pop-up. The same should apply for form buttons.
Comment 11•20 years ago
|
||
I'm having the same problem with a Netflix popup that just won't quit no matter what I try. It seems to be activated by my opening email from any one on my recipient list...adblock is not working. I gave a detailed explanation in my submission of bug# 282284. It's so similar to this report that perhaps they should be combined. We need a fix FAST or else I'm gonna have to go back to Internet Explorer. I did not have this problem with it.
Comment 12•20 years ago
|
||
(In reply to comment #11) > I'm having the same problem with a Netflix popup that just won't quit no matter > what I try. It seems to be activated by my opening email from any one on my > recipient list...adblock is not working. I gave a detailed explanation in my > submission of bug# 282284. It's so similar to this report that perhaps they > should be combined. We need a fix FAST or else I'm gonna have to go back to > Internet Explorer. I did not have this problem with it. That's a tad different...though bug# 281472 is still at large: https://bugzilla.mozilla.org/show_bug.cgi?id=281472
Comment 13•20 years ago
|
||
I think this is the gist of what is happening, take my code and put it in a small html file and run it and if you click anywhere in the page you will get a popup. Hope this helps. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <HTML> <HEAD> <TITLE>Test Firefox hole</TITLE> <script language="Javascript"> document.onclick = redirect; function redirect(evt) { var xwin = window.open("http://www.yahoo.com"); xwin.focus(); return true; } </script> </HEAD> <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#FF0000" VLINK="#800000" ALINK="#FF00FF" BACKGROUND="?"> <div id="test"> </div> </BODY> </HTML>
Comment 14•20 years ago
|
||
Firefox also fails to block popunders on this site: www.vastbeyond.com/portal1.htm
Comment 15•20 years ago
|
||
(In reply to comment #14) > Firefox also fails to block popunders on this site: > > www.vastbeyond.com/portal1.htm > > Right, see bug# 281472. https://bugzilla.mozilla.org/show_bug.cgi?id=281472
Updated•20 years ago
|
Blocks: pop-up-arms-race
Comment 16•20 years ago
|
||
I've experienced this bug at http://www.zophar.net/ as well. It appears to be triggered by a javascript click event OUTSIDE a link. It deserves to be fixed since it is not link-related and is triggered by other actions like selecting text. Here's a test page I've prepared that shows the bug is reproducible (method used by paypopup): <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <title>Mozilla Firefox Popup Exploit!</title> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript"><!-- function dopop(){ if (!haspopped){ window.open('http://www.seizurerobots.com/','somethingwindow', 'scrollbars=1,resizable=1,menubar=1,location=1,top=100,left=100,width=320,height=240'); haspopped = true; // only trigger it once to be more elusive...}} //--></SCRIPT> <script type="text/javascript"><!-- document.onclick = dopop; var haspopped = false; //--></SCRIPT> </head> <body> <h1>A demo of the Mozilla/Firefox popup blocking exploit</h1> <p>Mozilla Firefox has a flaw in its popup blocking capabilities which allows a page to load a popup, using JavaScript, through a page's click event. This unsolicited because it's triggered by an unrelated action performed by the user, such as making a text selection.</p> <p>The popup does not display at all if the user right-clicks first. This is because Mozilla blocks popups triggered by onClick if they're from a right-click but not a left.</p> <p>This bug has been tested in Firefox 1.01 and the Suite 1.7, both on Windows XP Pro SP2, where it is fully reproducible.</p> </body> </html> <body> <h1>A demo of the Mozilla/Firefox popup blocking exploit</h1> <p>Mozilla Firefox has a flaw in its popup blocking capabilities which allows a page to load a popup, using JavaScript, through a page's click event. This unsolicited because it's triggered by an unrelated action performed by the user, such as making a text selection.</p> <p>The popup does not display at all if the user right-clicks first. This is because Mozilla blocks popups triggered by onClick if they're from a right-click but not a left.</p> <p>This bug has been tested in Firefox 1.01 and the Suite 1.7, both on Windows XP Pro SP2, where it is fully reproducible.</p> </body> </html>
Comment 17•20 years ago
|
||
(In reply to comment #16) Whoops, copy/paste got messed. Example ends at the </html>.
Comment 18•20 years ago
|
||
Test case. Click inside the page to cause a popup. Variable names are the same as in the paypopup.com code.
Reporter | ||
Comment 19•20 years ago
|
||
(In reply to comment #18) > Created an attachment (id=180085) [edit] > testcase: click on the page to cause a popup. > > Test case. Click inside the page to cause a popup. Variable names are the same > as in the paypopup.com code. This works even on konqueror!
Comment 20•20 years ago
|
||
*** Bug 289772 has been marked as a duplicate of this bug. ***
Comment 21•19 years ago
|
||
Firefox 1.0.3/WinXP Pro SP1 full updates Unable to blockup popup while accessing: http://pearlchan.tblog.com/ though Firefox reported that the popup has been blocked.
Updated•19 years ago
|
Hardware: Other → All
Version: unspecified → 1.0 Branch
Comment 22•19 years ago
|
||
*** Bug 292275 has been marked as a duplicate of this bug. ***
Comment 23•19 years ago
|
||
Javascript sent back to browser to pop up window.
Comment 24•19 years ago
|
||
This is getting to be a serious problem. Can we stop Javascript from grabbing events?
Comment 25•19 years ago
|
||
*** Bug 295551 has been marked as a duplicate of this bug. ***
Comment 26•19 years ago
|
||
*** Bug 288691 has been marked as a duplicate of this bug. ***
Comment 27•19 years ago
|
||
need testcase keyword
Comment 28•19 years ago
|
||
Similar to this bug, the website www.smh.com.au has changed their popup code recently. The popups were getting stopped by Firefox, but today when I went there the popups were not getting blocked. I don't know what the code is that is causing the popup to function.
Updated•19 years ago
|
Assignee: firefox → nobody
Version: 1.0 Branch → Trunk
Comment 29•19 years ago
|
||
I have popups occuring intermittently, but most recently at this URL: http://www.cibomatto.com/
Comment 30•19 years ago
|
||
Popups are blocked with my version. Guess they have fixed the bug !! Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20050818 Firefox/1.6a1
Comment 31•19 years ago
|
||
I'm using 1.06 on WinXP still problem with http://www.torrentreactor.com/ http://isohunt.com/(In reply to comment #30)
![]() |
||
Comment 32•19 years ago
|
||
*** Bug 299585 has been marked as a duplicate of this bug. ***
Comment 33•19 years ago
|
||
Ok I looked into these popup that are still getting through the popup blocker. And i know at least one method that is getting through the blocker, and it should be fairly easy to detect and stop. The offending code takes advanage of document.write, (which usually can be succesfully blacked) the difference in the way they call (document.write('<SCRI'+'PT LANGUAGE="JavaScript1.1" '); or (document.write('<SCRI'+'PT src='http://somecode.com/ad.js'" '); by seperating the code to be printed (within the actual tag), they are able to execute popups and defeat the blocker. If a developer could add this type of popup to the blocker we are good. And as a suggestion it would be great if the blocker had a way to add new detection methods in a setting or something )without having to wait for the firefox to be patched. And one more suggestion a blocker whitelist in addition to the blacklist would be cool to (it would make blocking a lot easier)
Comment 34•19 years ago
|
||
That is not the problem. It'll still interpret an unrequested popup as an unrequested popup, except in the case of when a script hooks onto the "onClick" property (which is what PayPopup.com does). (In reply to comment #33) > Ok I looked into these popup that are still getting through the popup blocker. > And i know at least one method that is getting through the blocker, and it > should be fairly easy to detect and stop. The offending code takes advanage of > document.write, (which usually can be succesfully blacked) the difference in > the way they call > > (document.write('<SCRI'+'PT LANGUAGE="JavaScript1.1" '); > or > (document.write('<SCRI'+'PT src='http://somecode.com/ad.js'" '); > > by seperating the code to be printed (within the actual tag), they are able to > execute popups and defeat the blocker. > > If a developer could add this type of popup to the blocker we are good. And as > a suggestion it would be great if the blocker had a way to add new detection > methods in a setting or something )without having to wait for the firefox to be > patched. And one more suggestion a blocker whitelist in addition to the > blacklist would be cool to (it would make blocking a lot easier) >
Comment 35•18 years ago
|
||
I can confirm this one: I went to http://www.usagreetings.com/ and was presented with a popup (but only on the first visit; when I tried again a few minutes later, there was no popup). This popup had a normal window border, in contrast to the popup-blocker failures I get from pcworld.com (those lack a normal border). Using Mozilla 1.80b (Windows; U; Win98; en-US; rv:1.8b) Gecko/20050217) on Win98. Set to block all popups (no sites allowed). No other blockers installed.
Updated•17 years ago
|
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE
Comment 37•17 years ago
|
||
AFAICT, this is NOT a duplicate (at least from the user perspective). Bug 212163 requires that the user click somewhere on the page to trigger the unwanted popup. In the examples cited hereabove, one need only GO to the site, and need not click anything, nonetheless up comes the popup all by itself. I've seen others like this since I wrote the previous bug-comment, but didn't record where I was.
Comment 38•17 years ago
|
||
Rez, most of the comments here are talking about paypopup.com using an onclick popup. If you're seeing something different (even if it's associated with paypopup.com) I think you should file a separate bug report.
Comment hidden (spam) |
Comment hidden (spam) |
You need to log in
before you can comment on or make changes to this bug.
Description
•