User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9b5) Gecko/2008043010 Fedora/3.0-0.60.beta5.fc9 Firefox/3.0b5 Build Identifier: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9b5) Gecko/2008043010 Fedora/3.0-0.60.beta5.fc9 Firefox/3.0b5 A single website can force the entire X11 browser window to be resized, even if other websites are opened in multiple tabs. Rogue websites can make the browser super-tiny, and broken websites maximize the window size. Either way, a single website can control the browsing experience for /other, unrelated/ websites. Reproducible: Always Steps to Reproduce: 1. Open browser, and DO NOT make the window fill the entire screen (i.e. do not maximize). Ensure some of your desktop remains visible. 2. Open multiple websites in multiple tabs. 3. Visit the URL given. 4. Watch browser window, and all websites opened in all tabs, resize to the dimensions requested. Actual Results: Overall browser window resized. Expected Results: Do not honor resize request, because it affects unrelated websites. Honestly, IMO, this is a mild security issue.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 10 years ago
Resolution: --- → INVALID
I cannot reopen this bug, but closing it as invalid is IMHO not honest -- if it is not security bug be it (it's splitting of hair anyway), but to have this as default is IMHO very much bug.
you are right, it's a dupe of bug 144069 The JS function to resize the window is something from the pre-tab innovation. Not supporting or block it breaks web pages, allowing it conflicts with tabs. The current solution is the best solution: doesn't break pages but as user you can disable it. That is the reason why bug 144069 is 6 years old
Resolution: INVALID → DUPLICATE
Duplicate of bug: 144069
You need to log in before you can comment on or make changes to this bug.