The bug I want to mention here is a denial of service attack that will not allow any kind of redirection on a page crafted by an attacker where we have used hyperlinks (a href).
The bug can be maliciously used by an attacker crafting an HTML file and then sending it to the victim, clearly showing through the status bar that there is a hyperlink that redirects to, let's say, google.com, but it will not; instead it causes a denial of service, and browsers also hang up and crash.
I have tested it on the very latest version of the Ubuntu LTS default browser.
Reason:
The following script stops the page from being redirected:
    window.onbeforeunload = function(){
        //Unredirectable Page
        setTimeout("window.location=document.location;",0);
    }
Demo URL: http://hackies.in/Unredirect-Browsers-Test.html
Actual results:
It should redirect me to the new page, whereas it doesn't redirect to a new page and the browser hangs up.
Expected results:
So the dependency of JavaScript objects (window.document) on the href attribute should not be there.
Attached PoC for reference.
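For triage of reports like this one, a static check that flags pages whose beforeunload handler itself starts a navigation, which is the pattern in the script above. This is an added example, not part of the original report; the function names and both sample pages are constructed for illustration, and the check is a regex heuristic rather than a full JavaScript parser.

```javascript
// Constructed sample: the handler from the report embedded in a page.
const SAMPLE_TRAP = `<html><body><a href="https://example.com/">link</a>
<script>
window.onbeforeunload = function(){
  setTimeout("window.location=document.location;",0);
}
</script></body></html>`;

// Constructed sample: a benign "unsaved changes" prompt.
const SAMPLE_BENIGN = `<script>
window.addEventListener("beforeunload", function (e) {
  if (dirty) { e.preventDefault(); e.returnValue = ""; }
});
</script>`;

// Ways a script registers a beforeunload handler.
const HANDLER_RE = /\bonbeforeunload\s*=|addEventListener\s*\(\s*["']beforeunload["']/g;
// Ways a script starts a navigation (assignment or method call, not a comparison).
const NAVIGATE_RE = /\blocation\s*(?:\.href\s*)?=(?!=)|\blocation\s*\.\s*(?:assign|replace|reload)\s*\(/;

// Return the first brace-delimited block at or after `from`.
// Heuristic: braces inside string literals are not special-cased, and a
// handler assigned by name (not inline) will pick up the next block instead.
function bodyAfter(src, from) {
  const open = src.indexOf("{", from);
  if (open === -1) return "";
  let depth = 0;
  for (let i = open; i < src.length; i++) {
    if (src[i] === "{") depth++;
    else if (src[i] === "}" && --depth === 0) return src.slice(open, i + 1);
  }
  return src.slice(open); // unbalanced braces: scan to the end of the script
}

// Flag inline <script> blocks whose beforeunload handler body navigates.
function findUnloadNavigationTraps(html) {
  const findings = [];
  const scripts = html.matchAll(/<script\b[^>]*>([\s\S]*?)<\/script>/gi);
  for (const [, code] of scripts) {
    for (const m of code.matchAll(HANDLER_RE)) {
      const body = bodyAfter(code, m.index);
      if (NAVIGATE_RE.test(body)) findings.push({ handler: m[0].trim(), body });
    }
  }
  return findings;
}
```

A hit is a lead for manual review, since the check only sees inline scripts and does not follow external files or obfuscated code.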