User Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30

Steps to reproduce:
The issue discussed is more unwanted than a security issue; through a pre-made scenario, a hacker can use it to achieve a malicious activity. Since the URL Address Bar doesn't get flushed after triggering an onbeforeunload event, nor forced to indicate the real URL address, a hacker can (in a way) convince the user to navigate to a trusted domain and display hacker-controlled content on behalf of the trusted domain through a combination of an iframe and triggering the onbeforeunload event.

AMOR Mohamed Amine

Actual results:
Malicious contents get displayed on behalf of the trusted domain.

Expected results:
URL Address Bar gets flushed after triggering the onbeforeunload event.
Attachment #551187 - Attachment mime type: application/octet-stream → application/zip
I am no longer able to reproduce this bug. Here are the steps I followed:
1. Serve the test page locally and browse to it.
2. Click on the page.
3. Press the back button (or close the tab).
The URL bar shows the URL of the test page at all times.
Status: NEW → RESOLVED
Last Resolved: a year ago
Resolution: --- → WORKSFORME