Closed
Bug 769760
Opened 12 years ago
Closed 12 years ago
The browser crashes on being served an infinite loop of window.open
Categories
(Firefox :: Untriaged, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 685828
People
(Reporter: vatsalbakshi, Unassigned)
Details
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20100101 Firefox/14.0 Build ID: 20120624012213 Steps to reproduce: Entered <a href="javascript: while(1){window.open('http://www.google.com')}"> Hello</a> , while testing for a cross-site scripting vulnerability on an intentionally vulnerable application. Steps to reproduce: 1. point the browser to "http://google-gruyere.appspot.com/start/". 2. Create an account. 3. Click on new snippet. 4. Enter the above mentioned payload. 5. Click on the rendered hyper-link. This can be reproduced by entering the above payload on any website that is vulnerable to XSS, and entering the above mentioned payload with the inner javascript. Actual results: The browser crashed. Expected results: When tested on Chrome. The browser handles the requests by limiting the number of windows and does not crash.
Updated•12 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•