New issue
Advanced search Search tips

Issue 769864 link

Starred by 1 user
Status: Fixed
Owner:
a...@chromium.org
Closed: Sep 2017
Cc:
tkent@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 2
Type: Bug



Sign in to add a comment

Popunder restriction bypass with form validation error message(Mac only)

Reported by masatoki...@gmail.com, Sep 28 2017 
UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Steps to reproduce the problem:
1. Go to http://vulnerabledoma.in/popunder/form_validation.html. 
2. Click "Create PopUnder" button. 
3. The popunder window is opened.

What is the expected behavior?
The popunder window should not be opened.

What went wrong?
The popunder window is opened.

Did this work before? N/A 

Chrome version: 61.0.3163.100  Channel: stable
OS Version: OS X 10.12.6
Flash Version: 

This works on Mac only.

Comment 1 by ligim...@chromium.org, Sep 28 2017

Labels: Needs-Triage-M61

Comment 2 by a...@chromium.org, Sep 28 2017

Owner: a...@chromium.org

Comment 3 by tapted@chromium.org, Sep 29 2017

Status: Assigned (was: Unconfirmed)
(note I couldn't repro in 63.0.3226.0 but I guess avi is looking).

Comment 4 by a...@chromium.org, Sep 29 2017 

Yeah, I couldn't repro in m63 either. Maybe worth a bisect?

Comment 5 by a...@chromium.org, Sep 29 2017

Cc: tkent@chromium.org
Status: Fixed (was: Assigned)
Bisected. This was fixed by moving the validation bubble to the renderer with 2752293b8965ddfdcf7a3780573e795188a62f1f in Chrome 62.

Chrome 62 is going stable in a few weeks, so I'm going to call this fixed.

tkent: 🙏

Sign in to add a comment