NEW 62310
www.uniteful.com/39 closes itself when opened from a link on Twitter 
https://bugs.webkit.org/show_bug.cgi?id=62310
Summary www.uniteful.com/39 closes itself when opened from a link on Twitter
Doug Luce
Reported 2011-06-08 12:53:42 PDT
This is supposedly: Google Chrome 11.0.696.77 (Official Build 87952) WebKit 534.24
Attachments
Add attachment proposed patch, testcase, etc.
Doug Luce
Comment 1 2011-06-08 12:57:27 PDT
Clicks on a link on a tweet via twitter's page cause the referred-to page to come up in a new tab, then immediately close. I can tweet out http://www.uniteful.com/35 and the link will appear in my stream. Upon clicking, the link comes up very quickly in a new tab. Then, that same tab closes after less than 100ms or so. This behavior happens in Chrome on both OSX and Windows, and also Safari. It doesn't happen in Firefox, IE7 (Win), or Opera (10.6 for Win, 11.11 for OSX). If I turn off Javascript in Safari, the behavior stops. But I can't seem to track down what bit of JS might be responsible for this.
Daniel Bates
Comment 2 2011-06-08 14:03:04 PDT
From briefly debugging the issue, window.close() is being called in the .ready() handler (http://api.jquery.com/ready/) in <http://www.uniteful.com/javascripts/application.js> when the script detects that the window was opened from another window.
Ryosuke Niwa
Comment 3 2011-06-08 14:13:05 PDT
Some investigation on Firebug tells me that Firefox's origin policy prohibits reload: Permission denied to access property 'reload' [Break On This Error] window.opener.location.reload(true); So maybe that's what we need to do.
Adam Barth
Comment 4 2011-06-08 14:16:42 PDT
Interesting. Yeah, I don't think we have security checks on reload. Maybe we should.
Ryosuke Niwa
Comment 5 2011-06-08 14:19:21 PDT
(In reply to comment #4) > Interesting. Yeah, I don't think we have security checks on reload. Maybe we should. I think we should. You can trigger a replay attack if websites aren't careful about URL they open.
Doug Luce
Comment 6 2011-06-08 14:28:44 PDT
Fine catch from dbates on the misplaced popup-closing code in the ready function. I've taken that out of the www.uniteful.com code, but here's the original offending bit for reference: <script src="/javascripts/jquery-1.4.2.min.js" type="text/javascript"></script> (function($){ $(document).ready(function(){ // ... if(window.opener) { window.opener.location.reload(true); window.close() } }); })(jQuery);
Abhishek Arya
Comment 7 2011-06-08 14:41:54 PDT
Adam, do you think it is a security bug ?
Adam Barth
Comment 8 2011-06-08 14:47:25 PDT
> Adam, do you think it is a security bug ? Nope.
Doug Luce
Comment 9 2011-06-08 15:05:51 PDT
I've put the original broken page back up for ease-of-repro along with a link to a version without that document.close in the document.ready handler: http://webkit.con.com/linking.html
Ryosuke Niwa
Comment 10 2011-06-08 15:24:05 PDT
I tried to create a http test but I don't know how I can emulate opening a link by a mouse click.
Alexey Proskuryakov
Comment 11 2011-06-08 15:35:13 PDT
> window.opener.location.reload(true); > window.close() Even though Firefox bails out with an assertion on reload() in this particular example, wouldn't it have prevented close(), if reached? I think that Firefox rarely allows programmatic close(). > I tried to create a http test but I don't know how I can emulate opening a link by a mouse click. You can use EventSender if it's important to simulate mouse click.
Ryosuke Niwa
Comment 12 2011-06-08 15:37:55 PDT
(In reply to comment #11) > > I tried to create a http test but I don't know how I can emulate opening a link by a mouse click. > > You can use EventSender if it's important to simulate mouse click. I tried but the target was never loaded. I don't know what I did wrong :(
Note You need to log in before you can comment on or make changes to this bug.