Popunder restriction bypass with navigation to external protocol
Reported by
masatoki...@gmail.com,
Sep 25 2017
|
||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3222.0 Safari/537.36 Steps to reproduce the problem: 1. Go to https://vulnerabledoma.in/popunder/external_protocol.html . 2. Click "Create PopUnder" button. 3. The popunder window is opened. What is the expected behavior? The popunder window should not be opened. What went wrong? The popunder window is opened. Did this work before? N/A Chrome version: 63.0.3222.0 Channel: n/a OS Version: 10.0 Flash Version: This bug is different from Issue 768230 . I confirmed this works on Windows. I couldn't reproduce on Mac.
,
Sep 26 2017
,
Sep 26 2017
This issue looks duplicate to issue 768230 . avi@ could you please take a look in to this issue.
,
Sep 26 2017
This is *not* a duplicate of 768230.
,
Sep 27 2017
The activation happens here:
views::HWNDMessageHandler::Activate [0x0000000011BE59C4+52]
views::DesktopWindowTreeHostWin::Activate [0x0000000011E4A694+36]
views::DesktopNativeWidgetAura::Activate [0x0000000011E2ACD3+51]
views::Widget::Activate [0x0000000011D8D344+36]
views::FocusManager::SetFocusedViewWithReason [0x0000000011D28146+294]
views::FocusManager::SetFocusedView [0x0000000011BDD613+35]
views::View::RequestFocus [0x0000000011D72939+121]
constrained_window::NativeWebContentsModalDialogManagerViews::Focus [0x000000000E317D23+147]
constrained_window::NativeWebContentsModalDialogManagerViews::Show [0x000000000E3187A1+321]
web_modal::WebContentsModalDialogManager::ShowDialogWithManager [0x000000000998AC60+320]
constrained_window::ShowModalDialog [0x000000000E3153BD+301]
constrained_window::ShowWebModalDialogViews [0x000000000E314B5B+219]
ExternalProtocolDialog::ExternalProtocolDialog [0x000000000AEF153B+1307]
ExternalProtocolHandler::RunExternalProtocolDialog [0x000000000AEF1E08+232]
,
Oct 30 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/7154fd06247eb6ec748720b19cffae42fe8ebc1e commit 7154fd06247eb6ec748720b19cffae42fe8ebc1e Author: Avi Drissman <avi@chromium.org> Date: Mon Oct 30 19:50:41 2017 Don't activate tabs showing tab modal dialogs. BUG= 768475 , 768900 ,769351 TEST=as in bugs Change-Id: I1fb3244db8883e059e927e84ecca09dd3591f75d Reviewed-on: https://chromium-review.googlesource.com/687811 Reviewed-by: Mike Wittman <wittman@chromium.org> Reviewed-by: Scott Violet <sky@chromium.org> Reviewed-by: Sidney San MartÃn <sdy@chromium.org> Commit-Queue: Avi Drissman <avi@chromium.org> Cr-Commit-Position: refs/heads/master@{#512585} [modify] https://crrev.com/7154fd06247eb6ec748720b19cffae42fe8ebc1e/chrome/browser/ui/blocked_content/popup_blocker_browsertest.cc [modify] https://crrev.com/7154fd06247eb6ec748720b19cffae42fe8ebc1e/chrome/browser/ui/cocoa/web_contents_modal_dialog_host_cocoa.h [modify] https://crrev.com/7154fd06247eb6ec748720b19cffae42fe8ebc1e/chrome/browser/ui/cocoa/web_contents_modal_dialog_host_cocoa.mm [modify] https://crrev.com/7154fd06247eb6ec748720b19cffae42fe8ebc1e/chrome/browser/ui/views/frame/browser_view_layout.cc [modify] https://crrev.com/7154fd06247eb6ec748720b19cffae42fe8ebc1e/components/constrained_window/native_web_contents_modal_dialog_manager_views.cc [modify] https://crrev.com/7154fd06247eb6ec748720b19cffae42fe8ebc1e/components/web_modal/modal_dialog_host.cc [modify] https://crrev.com/7154fd06247eb6ec748720b19cffae42fe8ebc1e/components/web_modal/modal_dialog_host.h
,
Nov 1 2017
|
||||
►
Sign in to add a comment |
||||
Comment 1 by manoranj...@chromium.org
, Sep 25 2017