Pretraži podršku

Izbjegni prevare podrške. Nikad te nećemo tražiti da nas nazoveš, da nam pošalješ telefonski broj ili da podijeliš osobne podatke. Prijavi sumnjive radnje pomoću opcije „Prijavi zlouporabu”.

Saznaj više

Are you developing a defense against malicious use of site-generated error messages (as examplified by the [rather harmless] hurr-durr.com)?

  • 4 odgovora
  • 3 imaju ovaj problem
  • 1 prikaz
  • Posljednji odgovor od danbae

more options

If you enter the hurr-durr.com website, it will demonstrate how messages generated by a specific website can be used to paralyse the web browser such that you will need to quit your browser and restart it. Basically, any action from the user (such as trying to close the tab used by hurr-durr.com) is met with a nonsense message and no other response (tab remains open). Shouldn't there be some kind of defense against this? hurr-durr is rather daft and harmless but I can imagine that this loophole can be used for more sinister purposes.

If you enter the hurr-durr.com website, it will demonstrate how messages generated by a specific website can be used to paralyse the web browser such that you will need to quit your browser and restart it. Basically, any action from the user (such as trying to close the tab used by hurr-durr.com) is met with a nonsense message and no other response (tab remains open). Shouldn't there be some kind of defense against this? hurr-durr is rather daft and harmless but I can imagine that this loophole can be used for more sinister purposes.

Svi odgovori (4)

more options

It relies upon JavaScript, you can use the NoScript add-on to prevent that sort of site from working. NoScript by default blocks all JavaScript and lets you specify what sites you want JavaScript to work on.

more options

Thank you for a prompt reply. It was very helpful. But since a lot of websites use Javascripts, maybe there will be a lot of extra handling. Also you can't know in advance which scripts will be malicious. Ideally you would like something that stops javascripts from doing certain things, like preventing the closing of a page. Maybe that is very difficult.

more options

The next Firefox 4.0 version will have a check box on such alert messages to prevent further alerts from appearing.

See also:

more options

That sounds like a straightforward and useful remedy. Very much looking forward to that.