Closed Bug 597934 Opened 11 years ago Closed 3 years ago

alert/confirm/prompt all can circumvent bug 61098 fix

Categories

(Core :: DOM: Core & HTML, defect, P3)

defect

Tracking

()

RESOLVED WORKSFORME
Tracking Status
blocking2.0 --- -

People

(Reporter: BijuMailList, Unassigned)

References

(Depends on 1 open bug, Blocks 1 open bug)

Details

(Keywords: sec-want, Whiteboard: [sg:want])

Attachments

(2 files)

Attached file alert_trap.html
Thanks for Bug 61098 fix...
Now we can stop the run away script with alert/confirm/prompt

But for evil websites there is a technique to circumvent bug 61098 fix.

See attachment alert_trap.html
blocking2.0: beta7+ → ?
Depends on: alertloops
Summary: Technique to circumvent bug 61098 fix → confirm dialog circumvents bug 61098 fix
i checked the nightly build and this bypassed the checkbox style dialog suppression (as well as all the addons i've tried).  i've also tested with chromium and it suppresses dialogs across automatic reloads (not across manual reloads).  it seems like a good idea to look into how chromium does this and implement it's method.

forwarding via meta tags (to itself) may also bypass the fix.
1.9.1 and 1.9.2 are unaffected since bug 61098 hasn't been fixed on those releases.

I wonder how fast this can work, iow how fast the reload is for a page in the cache with a picture and some text...
Attached file prompt_trap.html
alert/confirm/prompt all can circumvent bug 61098 fix using this technique.
I have not created test for alert() just because once somebody accidentally goes in, it will be difficult to come out.
Summary: confirm dialog circumvents bug 61098 fix → alert/confirm/prompt all can circumvent bug 61098 fix
Not blocking on this. If someone provides a safe patch it will be considered though.
blocking2.0: ? → -
Depends on: 598246
Blocks: eviltraps
(In reply to comment #1)
> i checked the nightly build and this bypassed the checkbox style dialog
> suppression (as well as all the addons i've tried).

The RightToClick extension:
https://addons.mozilla.org/en-US/firefox/addon/12572/
deals with it correctly.
status2.0: ? → ---
Whiteboard: [sg:want]
Duplicate of this bug: 835549
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.