299116 - treat mailto: links as popups (don't open except by explicit user action)

Status: NEW

(Core :: Security, defect)

Description

[awburns]

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.7.8) Gecko/20050511 Firefox/1.0.4
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.7.8) 

JavaScript allows you to set window.location="mailto:" . This will open a new
mail window. If placed in a loop (especially infinite) this can result in a
state where it is very hard to close the browser and stop the loop. The user is
inundated with mail windows.

This does appear to be a general problem for all major browsers.

Reproducible: Always

Steps to Reproduce:
1. Go to http://www.neodynium.com/display.php?id=61
2. Click on the link 'Click with Care'


Actual Results:  
Multiple mailto: windows were opened.

Expected Results:  
Don't know. May be considered to be correct functionality, but clearly there is
a case for this being bad. You can call these mailto:'s in onload on a page, and
they don't get treated like popups, so there is little a user could do on
arriving at a page.

I guess, ideally, they would be treated as popups.

Comment 1

[Daniel Veditz [:dveditz]]

Changing summary to make it clear this is not a request to eliminate mailto:
entirely (which would be WONTFIXed)

Might want to do it with all externally-opened links

Comment 2

[Rob Krater]

Also stop mailto in the meta refresh tags

Steps to Reproduce:
1) http://ha.ckers.org/popup.html

Comment 3

[Rob Krater]

*** Bug 322417 has been marked as a duplicate of this bug. ***