Issue metadata
Sign in to add a comment
|
DevTools can be detected
Reported by
metuxits...@googlemail.com,
Jan 26 2018
|
||||||||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (X11; Linux i686 (x86_64)) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/63.0.3239.84 Chrome/63.0.3239.84 Safari/537.36 Steps to reproduce the problem: 1. go to facebook 2. open devtools (right click on the page -> choose inspect 3. look at the messages - facebook is able to detect usage of devtools What is the expected behavior? Sites should never ever be able to get any notification when devtools are opened. What went wrong? Malicious sites can highjack the development tools ! Did this work before? N/A Chrome version: 63.0.3239.84 Channel: n/a OS Version: Flash Version: If the issue is ignored again we're forced to open up CVEs and publish this case all over the world (takes a few minutes to reach thousands of people).
,
May 5 2018
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||
Comment 1 by elawrence@chromium.org
, Jan 26 2018Status: WontFix (was: Unconfirmed)
Summary: DevTools can be detected (was: XSS vulnerability in devtools:)