User-Agent: Mozilla/3.04 (WinNT; I) Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b3) Gecko/20050712 Firefox/1.0+ The following JS line hangs Deer Park Alpha 2: for (;;) window.sidebar.addPanel ("x", "http://www.example.net/", ""); I've marked this as a security problem because at least under Windows XP it becomes very hard to close Deer Park if you don't do it soon enough: Task Manager fails to open or the 'End Process' button doesn't do anything. I had to log off to finally get rid of the browser which could cause loss of data in other applications. Reproducible: Always

This is like "while(true) window.open()" except the popup blocker prevents that kind of abuse. addPanel() should probably feed through the popup blocker too, to make sure it's in response to a reasonable user action.

*** Bug 338498 has been marked as a duplicate of this bug. ***

addPersistentPanel, addSearchEngine, and addMicrosummaryGenerator (possibly other similar methods being added, feed handling comes to mind) all could use some kind of protection against this type of abuse. There was some discussion about creating a generic system that could be shared with the popup blocker for this kind of thing when I brought up the "add a search engine" UI in #developers a while ago.

This was just published here: http://websecurity.com.ua/2454/

same as bug 256154?

(In reply to comment #6) > same as bug 256154? I don't think so, I had seen that bug before I filed this one. The other bug is about whether this addPanel should be treated just like window.open, this one is about limiting the number of simultaneous addPanel dialogs. Of course, iff addPanel was treated just like a popup this bug would become moot.

As shown in the duplicated bug 658863 this i still a problem in the latest Firefox versions.

Bug 691647 removed addPanel.