New issue
Advanced search Search tips

Issue 678280 link

Starred by 1 user
Status: Duplicate
Merged: issue 654140
Owner: ----
Closed: Jan 2017
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Sign in to add a comment

Security: trap user in full-screen

Reported by mischa.r...@gmail.com, Jan 4 2017 
VULNERABILITY DETAILS
Javascript function webkitRequestFullScreen() is not handled correctly which allows attacker to capture and hijack a users browser in full-screen mode

Other browsers ask permission to enable full-screen, yet chrome serves a full-screen mode view with an escape-button icon

VERSION
Chrome Version: 55 + stable
Operating System: Windows, Linux, Mac OS X

REPRODUCTION CASE
Load malicious website and let the user click anywhere on the screen (the screen is completely layered over with a div, which if clicked forces full screen).
Fake login.html
4.6 KB View Download

Comment 1 by elawrence@chromium.org, Jan 4 2017

Components: Blink>Fullscreen UI>Browser>FullScreen
Sounds like  Issue 654140  initially fixed in 56.0.2915.0?

Comment 2 by elawrence@chromium.org, Jan 4 2017

Status: Untriaged (was: Unconfirmed)
Repro works in Chrome 55 (escape dismisses momentarily, but full-screen reappears).
Repro doesn't work in Chrome 57 (escape dismisses, but full-screen does not restart until user interacts again)

Comment 3 by e...@chromium.org, Jan 4 2017

Mergedinto: 654140
Status: Duplicate (was: Untriaged)
Thanks for confirming.
Project Member

Comment 4 by sheriffbot@chromium.org, Apr 13 2017

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment