Summary: | limit number of javascript popups | ||
---|---|---|---|
Product: | [Applications] konqueror | Reporter: | tnagy <tnagy256> |
Component: | khtml ecma | Assignee: | Konqueror Developers <konq-bugs> |
Status: | RESOLVED WORKSFORME | ||
Severity: | crash | CC: | hydrogen, jtamate, justin.zobel, maksim, mattr, zahl |
Priority: | NOR | ||
Version: | unspecified | ||
Target Milestone: | --- | ||
Platform: | Compiled Sources | ||
OS: | Linux | ||
Latest Commit: | Version Fixed In: |
Description
tnagy
2004-08-27 14:46:43 UTC
This script looks to me as a trap to send the remote site your clipboard. I found this link already on another forum and a warning was raised it contains offensive material and sound. As told to save the link and look in it, it shows only a ascii graphic and this script. Why the hell should you send your CLIPBOARD to the remote site on entering the site. Advise to close this report and remove the link to that site. I'm afraid the reporter is also 'malicious' else he should mentioned it. >> I'm afraid the reporter is also 'malicious' else he should mentioned it.
I am sorry, i did not understand that there was a clipboard issue with it (the javascript code might have been changed ?). I have reported this bug because it made my kde crash and i think that this is a rather important issue (someone posted this url on irc, but i've seen it on /. too).
I can reproduce in both opera and konqueror. Not really sure what to do here, although I don't see why a site would need to open multiple popups at once legimtately Not sure if this should be wishlist or not, but the site does open as many popups as possible in a seemingly malicious manner. It's notable that my JS setting for pop-ups is "smart" and in this case I disagree with it ;) Can someone (an admin?) remove the link from the OP? It is a shock site, and since the code of it might change it is totally useless for our purposes. If the OP is legit, he should have at least made a minimal testcase and posted that, instead of linking to a shock site. This will be marked as invalid for several reasons: * The technical: The behavior described is solved using the javascript settings for opening new windows: smart, do not use allow. * The javascript described is also malicious and is not related to the bug description. * To get in a sane way the malicious code use kate or wget. This is either two or three bugs in one. And policy. So I'm bumping it to developers. The clipboard thing mentioned doesn't seem to be there anymore, the below items are. And it does actually kill my system with "smart" on. function procreate() { for(i = 0; i < 16; i++) { popUp("index.php?popup=1"); } } and <html> <body> <script language="javascript"> for ( i=0; i < 10; ++i ) alert(i); </script> </body> </html> (actually, we were never affected by the clipboard bits) Thank you for the report. As it has been a while since this was reported, can you please test and confirm if this issue is still occurring or if this bug report can be marked as resolved. I have set the bug status to "needsinfo" pending your response, please change back to "reported" or "resolved/worksforme" when you respond, thank you. Dear Bug Submitter, This bug has been in NEEDSINFO status with no change for at least 15 days. Please provide the requested information as soon as possible and set the bug status as REPORTED. Due to regular bug tracker maintenance, if the bug is still in NEEDSINFO status with no change in 30 days the bug will be closed as RESOLVED > WORKSFORME due to lack of needed information. For more information about our bug triaging procedures please read the wiki located here: https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging If you have already provided the requested information, please mark the bug as REPORTED so that the KDE team knows that the bug is ready to be confirmed. Thank you for helping us make KDE software even better for everyone! This bug has been in NEEDSINFO status with no change for at least 30 days. The bug is now closed as RESOLVED > WORKSFORME due to lack of needed information. For more information about our bug triaging procedures please read the wiki located here: https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging Thank you for helping us make KDE software even better for everyone! |