*** Bug 1747581 has been marked as a duplicate of this bug. ***
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1638610
Title:
Dependency of JavaScript objects is Misconfigured Browser Crashes.
Status in Mozilla Firefox:
Confirmed
Status in firefox package in Ubuntu:
Confirmed
Bug description:
Hey Team,
The bug I want to mention here is a denial-of-service attack that will not
allow any kind of redirection on a page crafted by an attacker where we have
used hyper-links (a href).
The bug can be used maliciously by an attacker crafting an HTML file and
then sending it to the victim, clearly showing through the status bar that
there is a hyper-link that redirects to, let's say, google.com, but it will
not; instead it causes denial of service, and the browser also hangs up and
crashes.
I have tested it on the very latest version of the Ubuntu LTS default browser.
Reason:
The following script stops the page from being redirected:
    window.onbeforeunload = function(){
        //Unredirectable Page
        setTimeout("window.location=document.location;",0);
    }
Demo URL : http://hackies.in/Unredirect-Browsers-Test.html
Actual results:
It should redirect me to the new page, whereas it doesn't redirect to
a new page and the browser hangs up.
Expected results:
So the dependency of JavaScript objects (window.document) on the href
attribute should not be there.
Attached PoC for reference.
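
Added example, not part of the original report and not Firefox or Launchpad code: a heuristic static check that flags beforeunload handlers which schedule a navigation from a timer, the pattern used by the script in the report. The function names and the SAMPLE page are constructed for illustration (SAMPLE embeds the reported script next to a benign handler); the brace matching assumes no braces inside strings or comments.

```javascript
// Heuristic triage check for pages that re-navigate from a beforeunload handler.
// Names and SAMPLE are constructed for this example.
const HANDLER_START = new RegExp(
  String.raw`(?:\bonbeforeunload\s*=|addEventListener\s*\(\s*['"]beforeunload['"]\s*,)\s*` +
  String.raw`(?:function\b[^{]*|\([^)]*\)\s*=>\s*|\w+\s*=>\s*)\{`, 'g');
const TIMER = /\bset(?:Timeout|Interval)\s*\(/;
// Assignment to location / location.href (not a comparison), or a navigation call.
const NAVIGATION =
  /\blocation\s*(?:\.\s*href\s*)?=(?!=)|\blocation\s*\.\s*(?:assign|replace|reload)\s*\(/;

// Return the text between the "{" at openIdx and its matching "}".
function braceBody(src, openIdx) {
  let depth = 0;
  for (let i = openIdx; i < src.length; i++) {
    if (src[i] === '{') depth++;
    else if (src[i] === '}' && --depth === 0) return src.slice(openIdx + 1, i);
  }
  return src.slice(openIdx + 1); // unbalanced input: take the rest
}

// Report each beforeunload handler whose body both starts a timer and navigates.
function findUnloadNavigationTraps(src) {
  const findings = [];
  for (const m of src.matchAll(HANDLER_START)) {
    const body = braceBody(src, m.index + m[0].length - 1);
    if (TIMER.test(body) && NAVIGATION.test(body)) {
      const line = src.slice(0, m.index).split('\n').length;
      findings.push({ line, handler: body.trim() });
    }
  }
  return findings;
}

// Constructed sample: a benign "unsaved changes" handler, then the reported script.
const SAMPLE = `<script>
window.addEventListener('beforeunload', function (e) {
  e.preventDefault(); e.returnValue = '';
});
window.onbeforeunload = function(){
  //Unredirectable Page
  setTimeout("window.location=document.location;",0);
}
</script>`;

console.log(findUnloadNavigationTraps(SAMPLE));
```

Only the second handler is reported; the benign prompt handler starts no timer and assigns nothing to location.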