Closed Bug 542229 Opened 12 years ago Closed 11 years ago

onbeforeunload should limit number of newlines, can hide the buttons

Categories

(Firefox :: General, defect)

x86
Linux
defect
Not set
normal

Tracking

()

RESOLVED DUPLICATE of bug 588292

People

(Reporter: tor.klingberg, Unassigned)

Details

Attachments

(1 file)

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.7) Gecko/20100106 Ubuntu/9.10 (karmic) Firefox/3.5.7
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.7) Gecko/20100106 Ubuntu/9.10 (karmic) Firefox/3.5.7

If onbeforeunload returns a string with many newlines, the Ok and Cancel buttons will be pushed below the bottom of the dialog box, and there will be no way to leave a page except pressing enter on the keyboard. This can be used by malicious sites to prevent visitors from leaving. Below is example code that works at least on a 1024x576 screen.

<html><head>
<script language="JavaScript">
  window.onbeforeunload = confirmExit;
  function confirmExit()
  {
    return "\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n";
  }
</script>
</head><body>
Try closing this page.
</body></html>

This would be prevented if excessing newlines are stripped, just like very long strings are truncated. Perhaps some other special characters should also be stripped. Related to bug Bug #246365.

Reproducible: Always
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 588292
You need to log in before you can comment on or make changes to this bug.