Issue metadata
Sign in to add a comment
|
Force Fullscreen Javascript Loop
Reported by
ronalddv...@gmail.com,
Jan 18 2017
|
||||||||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Steps to reproduce the problem: Click anywhere on the white page when you open the "index.html" after that chrome will be forced to fullscreen. If you try to press "ESC" the chrome will go instantly back to fullscreen. What is the expected behavior? Chrome is stuck in a full screen mode. What went wrong? There should be a protection how many times "Fullscreen" can be triggered in some time limit. Did this work before? N/A Chrome version: 55.0.2883.87 Channel: stable OS Version: 10.0 Flash Version: Shockwave Flash 24.0 r0 Here is a video about the vulnerability: https://www.youtube.com/watch?v=L6Xr2wfxm4c I consider this is a very high threat vulnerability as you can take control of someone else's browser.
,
Apr 27 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||
Comment 1 by elawrence@chromium.org
, Jan 18 2017Status: Duplicate (was: Unconfirmed)