Opened on 01/07/2016 at 10:15:54 AM

Closed on 03/04/2016 at 09:37:56 AM

Last modified on 03/08/2016 at 07:10:39 AM

#3483 closed defect (fixed)

iFrames can break out of the sandbox and close cross domain parent windows/tabs

Reported by: passbrains Assignee:
Priority: P3 Milestone: Adblock-Browser-for-iOS-1.3.0
Module: Adblock-Browser-for-iOS Keywords:
Cc: jand, pavelz, mario Blocked By:
Blocking: Platform: Adblock Browser for iOS
Ready: yes Confidential: no
Tester: Scheer Verified working: yes
Review URL(s):

Description (last modified by mario)

Adapted from https://platform.passbrains.com/dashboard/view-ticket.php?ticket_no=AKI-39

Environment

iPhone 6
iOS 9.1
ABB 1.2.1

How to reproduce

  1. Install and open the app
  2. Open a new tab
  3. Browse to http://www.index.hr/mobile/clanak.aspx?category=black&id=856288

Observed behaviour

ABB randomly reacts in two ways:

  • Either the website stays open but the tab is closed in the background (can be verified by opening the tab window)
  • Or the website is closed immediately

(There is no definite way to reproduce one or the other - but either of them happen. Both can observed by trying the steps outlined above multiple times)

Expected behaviour

The website doesn't close immediately but stays open.

Additional background

This happens due to the fact that a Facebook iFrame calls window.close(). This, however, shouldn't close the whole tab.

Attachments (5)

11212_1447702191_AdblockBrowser_2015-11-16-194056_Polly.ips (57.9 KB) - added by passbrains on 01/07/2016 at 10:15:57 AM.
11212_1447702191_AdblockBrowser_2015-11-16-194132_Polly.ips (59.9 KB) - added by passbrains on 01/07/2016 at 10:15:58 AM.
11212_1447702191_AdblockBrowser_2015-11-16-194515_Polly.ips (56.3 KB) - added by passbrains on 01/07/2016 at 10:15:59 AM.
11212_1447702191_index-lq.mp4 (7.1 MB) - added by passbrains on 01/07/2016 at 10:16:04 AM.
11212_1447702191_index-crash-log.txt (120.3 KB) - added by passbrains on 01/07/2016 at 10:16:05 AM.

Download all attachments as: .zip

Change History (22)

Changed on 01/07/2016 at 10:15:57 AM by passbrains

Changed on 01/07/2016 at 10:15:58 AM by passbrains

Changed on 01/07/2016 at 10:15:59 AM by passbrains

Changed on 01/07/2016 at 10:16:04 AM by passbrains

Changed on 01/07/2016 at 10:16:05 AM by passbrains

comment:1 Changed on 01/07/2016 at 10:21:26 AM by mario

  • Component changed from Unknown to Adblock-Browser-for-iOS
  • Description modified (diff)

comment:2 Changed on 01/07/2016 at 11:38:12 AM by pavelz

  • Cc vojtab removed

Cannot reproduce the crash with more tabs. The one tab is confirmed to become empty. This behavior was fixed recently in Kitt core - the tab properly closes itself. The behavior of closing itself is an effect of https://issues.adblockplus.org/ticket/3477, i.e. calling window.close and then trying to do more things.

comment:3 Changed on 01/07/2016 at 03:23:37 PM by mario

  • Cc mario added
  • Priority changed from Unknown to P3

comment:4 Changed on 01/12/2016 at 08:41:01 AM by pavelz

  • Blocked By 3477 added

comment:5 Changed on 01/28/2016 at 10:25:48 AM by pavelz

To be verified working after https://issues.adblockplus.org/ticket/3477 is fixed

comment:6 Changed on 01/28/2016 at 10:37:04 AM by pavelz

https://www.pivotaltracker.com/story/show/112583019

comment:7 Changed on 02/09/2016 at 09:59:40 AM by jand

The crashes is no longer occurring. However, this issue reviewed different problem and that is the window.close() called from iFrame can actually close containing tab. This behaviour is unacceptable. On this particular page, Facebook iframe is calling window.close().

@mario: Can you please update this issue?

comment:8 Changed on 02/09/2016 at 10:28:54 AM by mario

  • Description modified (diff)
  • Ready set
  • Summary changed from App crashes every time when try to open article on www.index.hr to iFrames can break out of the sandbox and close cross domain parent windows/tabs

Modified the description as suggested by jand: The app doesn't crash anymore but closes the tab immediately. @jand please have a look at whether this issue is still blocked by #3477. If not, feel free to remove it.

comment:9 Changed on 02/09/2016 at 04:09:20 PM by jand

@mario: Those are two separated issue, which are related to different problems. I would like to tackle both.

comment:10 Changed on 02/09/2016 at 04:18:19 PM by pavelz

  • Blocked By 3477 removed

comment:11 Changed on 02/11/2016 at 09:34:05 AM by jand

  • Resolution set to fixed
  • Status changed from new to closed

comment:12 Changed on 02/26/2016 at 02:06:20 PM by mario

  • Milestone set to Adblock-Browser-for-iOS-next

comment:13 Changed on 02/29/2016 at 10:26:58 AM by mario

  • Milestone Adblock-Browser-for-iOS-next deleted

comment:14 Changed on 03/02/2016 at 02:48:19 PM by mario

  • Milestone set to Adblock-Browser-for-iOS-next

Rebased the current release branch to include this ticket.

comment:15 Changed on 03/03/2016 at 05:24:01 PM by mario

  • Resolution fixed deleted
  • Status changed from closed to reopened
Last edited on 03/04/2016 at 09:35:52 AM by mario

comment:16 Changed on 03/04/2016 at 09:37:56 AM by mario

  • Resolution set to fixed
  • Status changed from reopened to closed

Closed again - the assumed regression turned out to be unrelated.

comment:17 Changed on 03/08/2016 at 07:10:39 AM by scheer

  • Tester changed from Unknown to Scheer
  • Verified working set
  • The website stays open and the tab is no longer closed in the background
  • The website no longer closes immediately.

ABB 1.3.0-qa (844)
iPhone 6 Plus- iOS 9.2.1

Add Comment

Modify Ticket

Change Properties
Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
to The owner will be changed from (none).
AttachmentsDescription
 
Note: See TracTickets for help on using tickets.