[Webkit-unassigned] [Bug 164853] [GTK] Handle infinite popup dialogs exploit

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Apr 27 05:39:35 PDT 2017


https://bugs.webkit.org/show_bug.cgi?id=164853

--- Comment #20 from Claudio Saavedra <csaavedra at igalia.com> ---
You are right in that it's most likely that modality refers uniquely to the page.

I have been checking today how this could be fixed and it seems to me that we need to go all the way down to WebCore. Fixing this on the GTK+ side only (to avoid showing the dialog) doesn't prevent the endless communication between UI and web processes coming from the endless amount of alerts that renders the browser unusable, so it's there where the alerts need to be ignored.

There's currently in WebCore::Page a forbidPrompts()/allowPrompts() that is used to disable them when the page is unloading. I think we probably need to do something similar (this is not useful as is because it blocks all kinds of prompts, including window.print()).

-- 
You are receiving this mail because:
You are the assignee for the bug.
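
The idea in the comment above, sketched as an added example that is not part of the original message and is not WebKit code: a per-page gate consulted in the web process before any message goes to the UI process, which drops script dialogs after a burst but leaves printing alone. The names `DialogGate`, `DialogKind` and `forwarded`, the threshold of 3 dialogs in 5 seconds, and the exemption for print are all assumptions made for illustration.

```cpp
#include <chrono>
#include <cstdio>

using Clock = std::chrono::steady_clock;
using Ms = std::chrono::milliseconds;

// Hypothetical names; none of this is WebKit API.
enum class DialogKind { Alert, Confirm, Prompt, Print };

// Per-page gate consulted in the web process *before* any IPC message is
// sent to the UI process, so a flood costs no cross-process round trips.
class DialogGate {
public:
    DialogGate(unsigned maxBurst, Ms window) : m_maxBurst(maxBurst), m_window(window) {}
    bool shouldShow(DialogKind kind, Clock::time_point now) {
        if (kind == DialogKind::Print)
            return true;                 // assumption: printing stays usable
        if (m_suppressed)
            return false;                // dropped without contacting the UI
        if (now - m_windowStart > m_window) {
            m_windowStart = now;         // quiet period elapsed: new window
            m_count = 0;
        }
        if (++m_count > m_maxBurst)
            m_suppressed = true;         // latched until reset()
        return !m_suppressed;
    }
    void reset() { m_suppressed = false; m_count = 0; } // e.g. on navigation
private:
    unsigned m_maxBurst;
    Ms m_window;
    Clock::time_point m_windowStart{};
    unsigned m_count = 0;
    bool m_suppressed = false;
};

// Constructed scenario: a script requests `calls` dialogs, `gapMs` apart.
// Returns how many of them would be forwarded to the UI process.
unsigned forwarded(DialogKind kind, unsigned calls, unsigned gapMs) {
    DialogGate gate(3, Ms(5000));
    Clock::time_point t{};
    unsigned n = 0;
    for (unsigned i = 0; i < calls; ++i, t += Ms(gapMs))
        n += gate.shouldShow(kind, t);
    return n;
}

int main() { std::printf("%u\n", forwarded(DialogKind::Alert, 1000, 1)); }
```

Because the decision is made before the IPC call, the 997 dropped alerts in the tight-loop case never reach the UI process at all, which is the property a UI-side-only fix cannot provide.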