Join the Mozilla’s Test Days event from 9–15 Jan to test the new Firefox address bar on Firefox Beta 135 and get a chance to win Mozilla swag vouchers! 🎁

Avatar for Username

搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

此討論串已被封存。 如果您有需要幫助,請新增一個新問題

Found an attack site. Thought of way to prevent successful attack. (Feature Suggestion)

  • 2 回覆
  • 1 有這個問題
  • 2 次檢視
  • 最近回覆由 FredMcD

fcarney
fcarney
more options

I went to the site at this link (DO NOT CLICK!!!): http:// 134.249.116.78 /index.php The URL Google said the link would lead to is this: www. javcolor .com/ytvvo4l/npeeo6is.php?dtjfygku=embed...

It tried to brute force open dialogs to get me to download something and kept popping up all sorts of crap. It prevented me from closing the tab by opening up endless dialogs. I finally was able to close the tab by pressing ESC rapidly.

So my suggestion is to allow closing the current tab even if a dialog has focus in the application. This would not allow a website to pop up save dialogs and other dialogs preventing you from closing the tab. Honestly with the current architecture of applications I am not sure this is possible if the dialog is modal.

So I guess is there any kind of emergency mechanism to prevent this kind of thing already? I have pop ups blocked in Firefox settings. I just have never seen a someone abuse the save file dialog like this.

Perhaps I need some third party plugin to protect myself from this. I used to run Noscript, but ran into issues with usability of websites. I also got weary of having to enable servers all the time.

I went to the site at this link (DO NOT CLICK!!!): http:// 134.249.116.78 /index.php The URL Google said the link would lead to is this: www. javcolor .com/ytvvo4l/npeeo6is.php?dtjfygku=embed... It tried to brute force open dialogs to get me to download something and kept popping up all sorts of crap. It prevented me from closing the tab by opening up endless dialogs. I finally was able to close the tab by pressing ESC rapidly. So my suggestion is to allow closing the current tab even if a dialog has focus in the application. This would not allow a website to pop up save dialogs and other dialogs preventing you from closing the tab. Honestly with the current architecture of applications I am not sure this is possible if the dialog is modal. So I guess is there any kind of emergency mechanism to prevent this kind of thing already? I have pop ups blocked in Firefox settings. I just have never seen a someone abuse the save file dialog like this. Perhaps I need some third party plugin to protect myself from this. I used to run Noscript, but ran into issues with usability of websites. I also got weary of having to enable servers all the time.

由 James 於 修改

所有回覆 (2)

WestEnd
WestEnd
more options

The best one is don't go there. And why did you go to such sites? Best way to kill such pop is for PC Alt-Cntl-Delete and kill that task.

But future reference is why did you go to such sites to start if you didn't know what it was.

FredMcD
FredMcD
more options

Let's make sure your system is safe.

You may have ad/mal-ware. Further information can be found in this article; https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no

Run most or all of the listed malware scanners. Each works differently. If one program misses something, another may pick it up.