This template is ONLY for reporting security bugs. If you are reporting a
Download Protection Bypass bug, please use the "Security - Download
Protection" template. For all other reports, please use a different
template.
Please READ THIS FAQ before filing a bug: https://www.chromium.org/Home
/chromium-security/security-faq
Please see the following link for instructions on filing security bugs:
http://www.chromium.org/Home/chromium-security/reporting-security-bugs
NOTE: Security bugs are normally made public once a fix has been widely
deployed.
VULNERABILITY DETAILS
Site is capable of playing intrusive audio indefinitely and freezing chrome tabs / browser
VERSION
Version 54.0.2840.98 (64-bit)
MacOS
REPRODUCTION CASE
go to http://gaminghour.xyz/windows/
it redirects to a site with around 1000 numbers
plays audio, freezes the tab on chrome for mac
can't close / reload it or other tabs
try reporting the long url site to stopbadware, google, or other sites and you get an error, presumably because it's too long for anything to handle
FOR CRASHES, PLEASE INCLUDE THE FOLLOWING ADDITIONAL INFORMATION
Type of crash: [tab, browser, etc.]
Crash State: [see link above: stack trace, registers, exception record]
Client ID (if relevant): [see link above]
Comment 1 by elawrence@chromium.org
, Dec 7 2016Status: Untriaged (was: Unconfirmed)
Summary: Security: Site freezes all tabs in Chrome (tight-loop of pushState) (was: Security: Site freezes all tabs in Chrome)
This is a broad denial-of-service which is effective in blocking access to all tabs. I've sent the URL to the SafeBrowsing team. The underlying cause of the DoS is likely a dupe of Issue 648333. <script> setTimeout(function(){ var total = ""; for( var i = 0; i < 100000; i++ ) { total = total + i.toString(); history.pushState(0,0, total ); } }, 2500); </script>