Open
Bug 608899
Opened 14 years ago
Updated 2 years ago
Maybe purge pending keyboard / mouse events when window destroyed?
Categories
(Core :: DOM: UI Events & Focus Handling, defect)
Core
DOM: UI Events & Focus Handling
Tracking
()
NEW
People
(Reporter: lcamtuf, Unassigned)
Details
(Keywords: sec-low, Whiteboard: [sg:low])
Hi folks,
This is minor in the grand scheme of things, but since JS busy loops block the UI hard, keyboard and mouse events are not dequeued and processed; and if that busy loop ends with window.close(), they will be delivered to the wrong window or tab instead. Naive PoC:
http://lcamtuf.coredump.cx/ffpause/
I actually suspect this is broken in more ways than immediately apparent (for example, a well-timed busy loop lets me have a half-done file open / save prompt on screen), but the window.close() vector is the most obvious and easiest to fix by just purging the event queue when window or tab is destroyed.
|
||
Updated•14 years ago
|
Whiteboard: [sg:low]
|
Reporter | |
Comment 1•13 years ago
|
||
Umm, so this kind of looks fixed in Firefox 5.
|
||
Comment 2•13 years ago
|
||
I can still reproduce this with:
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:9.0a1) Gecko/20110919 Firefox/9.0a1
|
||
Updated•13 years ago
|
Component: Security → DOM: Events
Product: Firefox → Core
QA Contact: firefox → events
Version: 3.6 Branch → unspecified
|
||
Updated•12 years ago
|
Component: DOM: Events → Event Handling
|
Assignee | |
Updated•6 years ago
|
Component: Event Handling → User events and focus handling
|
||
Updated•2 years ago
|
Severity: minor → S4
You need to log in
before you can comment on or make changes to this bug.
Description
•