Issue 919992

Issue metadata

Status: Unconfirmed
Owner: ----
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 2
Type: Bug



Popunder Bypass with keypress event and FullScreen

Reported by guilherm...@gmail.com, Jan 8

Issue description

UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36

Steps to reproduce the problem:
1. Open the attached .html file in macOS.
2. Press any key.
3. The window goes to the fullscreen event and back; at this time a popunder is opened.

Tested with:
Chrome 71.0.3578.98 (Versão oficial) 64 bits (mac)

What is the expected behavior?
The popunder window should not be opened.

What went wrong?
The popunder window is opened.

Did this work before? N/A 

Chrome version: 71.0.3578.98  Channel: stable
OS Version: OS X 10.14.0
Flash Version: 32.0.0.114

This works on macOS Mojave 10.14.
 
poc.html (412 bytes)
Components: UI>Browser>PopupBlocker
Labels: -Type-Bug-Security -Restrict-View-SecurityTeam Type-Bug
Bypassing the popup blocker is not really a security issue, but it could be used for abuse. This may even be working as intended because the popup is opened from within the user gesture.
Cc: a...@chromium.org mustaq@chromium.org
Labels: Hotlist-Abusive
Can't reproduce on Linux. Ideally the fullscreen would "consume" the user gesture and prevent window opening, but I don't think it's implemented that way.
Just worked out in macOS.
I made a PoC video, you can check here: https://youtu.be/jx5s85OSWTU


Fullscreen doesn't consume activation now, but we are discussing doing that (Issue 852645).
Labels: Needs-Triage-M71
