Closed Bug 380192 Opened 17 years ago Closed 17 years ago

window resizing in script causes content to be drawn on top of toolbars and tabstrip chrome

Categories

(Core :: Widget: Cocoa, defect)

Product:
Core
Component:
Widget: Cocoa
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: beltzner, Assigned: jaas)

References

(
URL
)

Details

(Whiteboard: [sg:low spoof] post 1.8-branch)

Attachments

(2 files)

screenshot
72.02 KB, image/png
Details
fix v1.0
961 bytes, patch
stuart.morgan+bugzilla
: review+
jst
: superreview+
Details | Diff | Splinter Review 
Using a recent (as of May 9, 2007) nightly of Minefield on OSX, visiting the page in the URL field will cause the following behaviour:

1. Active window will be resized to a small window in the bottom right corner
2. JS alert asks to install antivirus software
3. After either answer to JS alert, the active window is restored with a bogus security audit result

In step 3, the content window is sized (apparently unintentionally) such that the top of the content is cut off, and it renders on top of the toolbars and tabstrip. Resizing the window brings things back to normal.

Core::Layout?
This looks like a problem with nsCocoaWindow::Resize, called from nsGlobalWindow::ResizeTo().
Assignee: nobody → joshmoz
URL: http://amaena.com/securityworm666/ind...javascript:window.resizeTo(800,1100);
Component: General → Widget: Cocoa
Product: Firefox → Core
QA Contact: general → cocoa
Version: 2.0 Branch → Trunk
Flags: blocking1.9?
Gavin - why do you say that?

Beltzner - can you attach a screenshot?
(In reply to comment #2)
> Gavin - why do you say that?

I'm assuming that's where the problem is because this is a Mac-specific problem with ResizeTo, and the call to the widget-level ::Resize() from nsXULWindow::SetPositionAndSize is where things start to get platform-specific.
Can you not reproduce the problem with the testcase in the URL field? It's easy to reproduce here, on our 15" MBPs, but perhaps it depends on our screen resolution/monitor size.
Attached image screenshot 
Notice the scrollbar on the right, you can't see the top because it's offscreen (as are the toolbars). Clicking the resizer and moving it 1 pixel "fixes" the problem (the toolbars come back into view).
Flags: blocking1.9? → blocking1.9+
Group: security
Whiteboard: [sg:low spoof]
Group: security
Whiteboard: [sg:low spoof] → [sg:low spoof] post 1.8-branch
Attached patch fix v1.0Splinter Review 
The native resize can have its size restricted, we should send the actual new window size in our resize event, not the requested size.
Attachment #271259 - Flags: review?(stuart.morgan)
Attachment #271259 - Flags: review?(stuart.morgan) → review+
Attachment #271259 - Flags: superreview?(vladimir)
Attachment #271259 - Flags: superreview?(vladimir) → superreview+
landed on trunk
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Looks like this caused a pretty sizable Tp/Tp2 hit on bm-xserve08
It seems very unlikely that this would have caused a Tp hit of any kind. None of the code is expensive and it only executes when the window resizes. There is really no other reasonable way to do this.
Flags: in-testsuite?
Flags: wanted1.8.1.x-
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: