Detect Redirects, Reset Permissions When Found

Ask for help about NoScript, no registration needed to post
User avatar
therube
Ambassador
Posts: 7366
Joined: Thu Mar 19, 2009 4:17 pm
Location: Maryland USA

Detect Redirects, Reset Permissions When Found

Post by therube » Fri May 31, 2019 2:10 am

Detect Redirects, Reset Permissions When Found


Some websites reopen the current page, focused, in a new tab, replacing the existing page (in the background) with "spam".

Actions:

You're on Site1
You click into the page on Site1

Results:

A new, focused tab is opened - the very page you were on, Site1
Existing (now background) tab is replaced by a "spam" page (be it from the same domain or totally different), Site2

How NoScript plays in...

Say you 'Disable Restrictions for "this tab"' with the intention of doing just that

Results:

Restrictions are disabled for "this tab", but because of the "redirect", "this tab" is now (a potentially totally unrelated), Site2
The foreground tab - of the page that you were initially on, does have defaulted permissions, because it is no longer "this tab", but instead a different tab

So:

NoScript is doing what it is supposed to be doing.
But as far as the user is concerned, it is not, because of the website "trickery" the "concept" of "this tab" changed, & you're now seeing, Site2.

Now granted, the very same would happen if you clicked (a link, or otherwise) in "this tab", & that link also opened Site2 - also in "this tab" - but because of "trickery", because of the redirect, you may not be aware that anything untoward had actually happened...

And as I write this, I remember, dom.popup_allowed_events, which (by nuking its' values) would likely handle this situation?
No, probably not, actually?


Anyhow, if NoScript is able to catch a situation like this, & revoke the permissions of "this tab", might help.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.0) Gecko/20100101 Firefox/52.0 SeaMonkey/2.49.5