Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#3483 closed defect (fixed)

iFrames can break out of the sandbox and close cross domain parent windows/tabs

Reported by: passbrains
Assignee:
Priority: P3
Milestone: Adblock-Browser-for-iOS-1.3.0
Module: Adblock-Browser-for-iOS
Keywords:
Cc: jand, pavelz, mario
Blocked By:
Blocking:
Platform: Adblock Browser for iOS
Ready: yes
Confidential: no
Tester: Scheer
Verified working: yes
Review URL(s):

Description (last modified by mario)

Adapted from https://platform.passbrains.com/dashboard/view-ticket.php?ticket_no=AKI-39

Environment

iPhone 6
iOS 9.1
ABB 1.2.1

How to reproduce

  1. Install and open the app
  2. Open a new tab
  3. Browse to http://www.index.hr/mobile/clanak.aspx?category=black&id=856288

Observed behaviour

ABB randomly reacts in two ways:

  • Either the website stays open but the tab is closed in the background (can be verified by opening the tab window)
  • Or the website is closed immediately

(There is no definite way to reproduce one or the other, but either of them happens. Both can be observed by trying the steps outlined above multiple times.)

Expected behaviour

The website doesn't close immediately but stays open.

Additional background

This happens due to the fact that a Facebook iFrame calls window.close(). This, however, shouldn't close the whole tab.
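
The expected behaviour described above matches the HTML standard's rules for window.close(): a call from a nested browsing context has no effect, and a top-level context is closed only if it is script-closable. The following is an added example, not Adblock Browser or Kitt code, that models that decision next to the unconditional behaviour reported in this ticket; all object fields, function names and origins are hypothetical.

```javascript
// Added example: a model of the close() decision, not the project's code.
// Context objects and their field names are hypothetical.

// Models the behaviour observed in the ticket: every close() request
// closes the tab, no matter which frame it came from.
function naiveDecideClose(ctx) {
  return { closeTab: true, reason: "unconditional" };
}

// Hardened decision for an embedding browser handling window.close().
function decideClose(ctx) {
  // A nested context (iframe) must never close its container,
  // regardless of origin. This check has to come first.
  if (ctx.parent !== null) {
    return { closeTab: false, reason: "nested-context" };
  }
  if (ctx.closing) {
    return { closeTab: false, reason: "already-closing" };
  }
  // Script-closable: opened by script, or only one session history entry.
  const scriptClosable = ctx.openedByScript || ctx.historyLength === 1;
  if (!scriptClosable) {
    return { closeTab: false, reason: "not-script-closable" };
  }
  return { closeTab: true, reason: "script-closable-top-level" };
}

// Constructed sample contexts: an article tab embedding a cross-origin
// widget frame, and a popup that a script opened.
function makeTab(origin, opts = {}) {
  return { origin, parent: null, closing: false,
           openedByScript: false, historyLength: 2, ...opts };
}
function makeFrame(origin, parent) {
  return { origin, parent, closing: false,
           openedByScript: false, historyLength: 1 };
}

const articleTab = makeTab("http://news.example");
const widgetFrame = makeFrame("https://social.example", articleTab);
const popupTab = makeTab("https://social.example",
                         { openedByScript: true, historyLength: 1 });

console.log("naive, frame:", naiveDecideClose(widgetFrame));
console.log("frame:", decideClose(widgetFrame));
console.log("article tab:", decideClose(articleTab));
console.log("popup:", decideClose(popupTab));
```

The frame has a single history entry, so skipping the nested-context check would make it look script-closable and reproduce the reported tab closure.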

Attachments (5)

Change History (22)

Changed 4 years ago by passbrains

comment:1 Changed 4 years ago by mario

  • Component changed from Unknown to Adblock-Browser-for-iOS
  • Description modified

comment:2 Changed 4 years ago by pavelz

  • Cc vojtab removed

Cannot reproduce the crash with more tabs. The one tab is confirmed to become empty. This behavior was fixed recently in Kitt core - the tab properly closes itself. The behavior of closing itself is an effect of https://issues.adblockplus.org/ticket/3477, i.e. calling window.close and then trying to do more things.

comment:3 Changed 4 years ago by mario

  • Cc mario added
  • Priority changed from Unknown to P3

comment:4 Changed 4 years ago by pavelz

  • Blocked By 3477 added

comment:5 Changed 4 years ago by pavelz

To be verified working after https://issues.adblockplus.org/ticket/3477 is fixed

comment:7 Changed 4 years ago by jand

The crash is no longer occurring. However, this issue revealed a different problem, and that is that window.close() called from an iFrame can actually close the containing tab. This behaviour is unacceptable. On this particular page, a Facebook iframe is calling window.close().

@mario: Can you please update this issue?

comment:8 Changed 4 years ago by mario

  • Description modified
  • Ready set
  • Summary changed from App crashes every time when try to open article on www.index.hr to iFrames can break out of the sandbox and close cross domain parent windows/tabs

Modified the description as suggested by jand: The app doesn't crash anymore but closes the tab immediately. @jand please have a look at whether this issue is still blocked by #3477. If not, feel free to remove it.

comment:9 Changed 4 years ago by jand

@mario: Those are two separate issues, which are related to different problems. I would like to tackle both.

comment:10 Changed 4 years ago by pavelz

  • Blocked By 3477 removed

comment:11 Changed 4 years ago by jand

  • Resolution set to fixed
  • Status changed from new to closed

comment:12 Changed 4 years ago by mario

  • Milestone set to Adblock-Browser-for-iOS-next

comment:13 Changed 4 years ago by mario

  • Milestone Adblock-Browser-for-iOS-next deleted

comment:14 Changed 4 years ago by mario

  • Milestone set to Adblock-Browser-for-iOS-next

Rebased the current release branch to include this ticket.

comment:15 Changed 4 years ago by mario

  • Resolution fixed deleted
  • Status changed from closed to reopened

comment:16 Changed 4 years ago by mario

  • Resolution set to fixed
  • Status changed from reopened to closed

Closed again - the assumed regression turned out to be unrelated.

comment:17 Changed 4 years ago by scheer

  • Tester changed from Unknown to Scheer
  • Verified working set
  • The website stays open and the tab is no longer closed in the background
  • The website no longer closes immediately.

ABB 1.3.0-qa (844)
iPhone 6 Plus - iOS 9.2.1
