[Webkit-unassigned] [Bug 47593] Require a user gesture to open the file dialog
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Feb 22 15:30:36 PST 2011
https://bugs.webkit.org/show_bug.cgi?id=47593
--- Comment #13 from Andy Estes <aestes at apple.com> 2011-02-22 15:30:36 PST ---
I will note that from reading the mozilla bug it seems like Firefox has mitigation against creating modal dialogs in a loop, which they apply to file chooser dialogs as well. I'm not sure if we do something similar. This is the type of exploit they wish to avoid (copied from the bug):
myFileControl = doc.getElementById('file');
do {
myFileControl.click();
} while (!fileContainsDirectionsToSecretVolcanoLair(myFileControl.files[0]));
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list