Closed
Bug 425572
Opened 17 years ago
Closed 17 years ago
Site hijacks browser and will not let user regian control without hard exit
Categories
(Firefox :: Security, defect)
Tracking
()
People
(Reporter: notify, Unassigned)
References
()
Details
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.9 (like Gecko)
Build Identifier: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.1.12) Gecko/20080212 Firefox/2.0.0.12
I'm not sure if this is a security issue or if anything can be done about it. The site in question is http://smouch.net/lol (do not go to it unless you've close and bookmarked everything important). It will hijack the browser and make it impossible to close using javascript handling the back event on the web browser.
Since it's not a phishing scam or anything that can pull personal information, I'm not sure if this should be considered a security bug, but I'll mark it that way in case. If it's not, let me know and I won't do so in the future.
Reproducible: Always
Steps to Reproduce:
1. Go to Website listed above
2. Click on the back button once the window stops moving
3.
Actual Results:
Web Browser is completely unresponsive
i don't think this is security sensitive. and atm the site does not seem to exist. you can always turn off js (personally I use noscript) if you need to defeat such sites (unless of course they hang the ui, which you haven't described this one as doing).
Group: security
|
||
Comment 3•17 years ago
|
||
For the bouncing window :
Tools/Options/content/Javascript/advanced/[]move or resize existing windows
That you can not use alt+f4 or ctrl+4 = known bug that the plugin window eats the keyboard shortcuts (search for it)
that you get this alerts if you close the window and can not close the window is either bug 59314 or bug 61098
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•