feature rq: intercept at-end javascripts such as "are you su

Bug reports and enhancement requests
Post Reply
bill777
Posts: 1
Joined: Thu Oct 22, 2009 4:03 pm

feature rq: intercept at-end javascripts such as "are you su

Post by bill777 » Thu Oct 22, 2009 4:24 pm

feature rq: intercept at-end javascripts such as "are you sure you want to navigate away from this page "

(Yes, I am quite certain, thanks. That's why I tried to leave the page.)

... is a complete pain, mousetrap code in javascript, can be used by any idiot who thinks it's cool to trap you on their page. There's even a script up there on the web for the script-kiddies to annoy us with.

(The mozzila support thread parentId=417592&forumId=1 was closed as "solved", BUT IT PATENTLY IS NOT SOLVED.
Also there are loads of completely useless 'answers' out there, involving disabling things you need, or spuriously blaming innocent products.)

What seems to be required is an intercept of this type of script, something standard popup detectors do not do, because it is basically using "at-end" processing.
In fact, I'd like any such potential 'mousetrap' should be sprung. I just hate when I get stuck on some clown's page, unable even to reach the tabs or navi bar. Nothing works but to restart the box.
Perhaps there is a problem in that some things have a genuine need for an at-end processes. Whether to execute them should be up to me, though, not them.

Over to you, chaps.
Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.0.6, Ant.com Toolbar 1.2

User avatar
Giorgio Maone
Site Admin
Posts: 8662
Joined: Wed Mar 18, 2009 11:22 pm
Location: Palermo - Italy
Contact:

Re: feature rq: intercept at-end javascripts such as "are you su

Post by Giorgio Maone » Thu Oct 22, 2009 7:28 pm

Example page?
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)

dasbooter
Posts: 3
Joined: Thu Oct 22, 2009 9:11 pm

Re: feature rq: intercept at-end javascripts such as "are you su

Post by dasbooter » Fri Oct 23, 2009 6:31 pm

Giorgio Maone wrote:Example page?


http://listen.grooveshark.com/


This is probably an innocuous use of this type of thing but I see how it could be put to worse use. It seems like to much power for a website I cannot even close firefox without getting this prompt ... I would have to send a kill signal to avoid this. Sorry if this is not a good example and hopefully I havent missed something simple I can do with noscript.
Thanks for your time
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.14) Gecko/2009090216 Ubuntu/8.10 (intrepid) Firefox/3.0.14

User avatar
Giorgio Maone
Site Admin
Posts: 8662
Joined: Wed Mar 18, 2009 11:22 pm
Location: Palermo - Italy
Contact:

Re: feature rq: intercept at-end javascripts such as "are you su

Post by Giorgio Maone » Fri Oct 23, 2009 7:33 pm

I get redirected to www.mynextmusic.it, and I don't get any confirmation dialog when I exit that page...
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)

Tom T.
Field Marshal
Posts: 3620
Joined: Fri Mar 20, 2009 6:58 am

Re: feature rq: intercept at-end javascripts such as "are you su

Post by Tom T. » Fri Oct 23, 2009 8:35 pm

Allowing only Grooveshark and the Flash intro, I didn't even get redirected. Script from mynextmusic showed up in the block list.
No message at all. (Fx 2.0.0.20)
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.20) Gecko/20081217 Firefox/2.0.0.20

dasbooter
Posts: 3
Joined: Thu Oct 22, 2009 9:11 pm

Re: feature rq: intercept at-end javascripts such as "are you su

Post by dasbooter » Fri Oct 23, 2009 9:30 pm

Well that is very weird. I don't get redirected. Grooveshark is site devoted to providing any music free of charge. It is a project run apparently by university of Florida students. It is controversial and is being sued by one of the major record labels although it is apparently trying to work out a deal with some record labels. The site uses a simple interface which I suppose uses various flash and java scripts ... I dont know much, but with the way you can drag and drop songs in the playlist it makes me think it is AJAX based. This site works great for me and I have never been redirected to anywhere there is a strip along the side that runs advertisements but that is apparently blocked by noscript. I had to allow grooveshark to run scripts for the page and interface to work. If I revoke the permissions to the page I can close the tab without getting this confirmation dialog but if I dont revoke those permissions I get that dialog which just warns you that if you navigate away from the page the music will stop. So ya redirection just doesnt seem like that type of site... dont know what to say?
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.14) Gecko/2009090216 Ubuntu/8.10 (intrepid) Firefox/3.0.14

User avatar
Giorgio Maone
Site Admin
Posts: 8662
Joined: Wed Mar 18, 2009 11:22 pm
Location: Palermo - Italy
Contact:

Re: feature rq: intercept at-end javascripts such as "are you su

Post by Giorgio Maone » Fri Oct 23, 2009 9:52 pm

OK, I managed to see the site by using an US proxy.
Apparently they redirect requests from outside US to similar sites (like in my first attempt).
The site is entirely done in Adobe Flash, and I still get no confirmation warning when leaving it.
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)

Tom T.
Field Marshal
Posts: 3620
Joined: Fri Mar 20, 2009 6:58 am

Re: feature rq: intercept at-end javascripts such as "are you su

Post by Tom T. » Fri Oct 23, 2009 11:12 pm

Giorgio Maone wrote:OK, I managed to see the site by using an US proxy.
Apparently they redirect requests from outside US to similar sites (like in my first attempt).

That explains something odd that I noticed in this thread about Google.de. Most of the rest of the page was in light gray, and non-functional, but the search feature worked fine. I had guessed that when it detected a US IP, it deliberately disabled features that would be useful only in Germany or perhaps Europe. Thanks for that unintentional tip. :)
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.20) Gecko/20081217 Firefox/2.0.0.20

dasbooter
Posts: 3
Joined: Thu Oct 22, 2009 9:11 pm

Re: feature rq: intercept at-end javascripts such as "are you su

Post by dasbooter » Sun Oct 25, 2009 5:11 pm

Giorgio Maone wrote:OK, I managed to see the site by using an US proxy.
Apparently they redirect requests from outside US to similar sites (like in my first attempt).
The site is entirely done in Adobe Flash, and I still get no confirmation warning when leaving it.


Uhhhh-ohhh

Maybe you have to be playing some music anyways this was just for demo purposes I dont think the website is malicious but now after your test I may have picked up something malicious darn

Screenshot:

Image


Edit: yes I guess you do have to play some music to get the prompt sorry about that
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.14) Gecko/2009090216 Ubuntu/8.10 (intrepid) Firefox/3.0.14

User avatar
therube
Ambassador
Posts: 7302
Joined: Thu Mar 19, 2009 4:17 pm
Location: Maryland USA

Re: feature rq: intercept at-end javascripts such as "are you su

Post by therube » Sun Oct 25, 2009 5:27 pm

What's malicious (other then you have one __h u g e__screen)?
(IOW, I can get that confirmation screen too.)
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5pre) Gecko/20091023 SeaMonkey/2.0.1pre

User avatar
Giorgio Maone
Site Admin
Posts: 8662
Joined: Wed Mar 18, 2009 11:22 pm
Location: Palermo - Italy
Contact:

Re: feature rq: intercept at-end javascripts such as "are you su

Post by Giorgio Maone » Sun Oct 25, 2009 5:48 pm

OK, surrogate scripts FTW:
  • noscript.surrogate.trap.replacement
    __defineSetter__("onbeforeunload", function() {})
  • noscript.surrogate.trap.sources
    @*
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)

User avatar
therube
Ambassador
Posts: 7302
Joined: Thu Mar 19, 2009 4:17 pm
Location: Maryland USA

Re: feature rq: intercept at-end javascripts such as "are you su

Post by therube » Sun Oct 25, 2009 6:04 pm

Looks to do it.
Where did you find the 'onbeforeunload'. (I looked through various files for "load" & other terms but didn't find that, or missed it?)
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5pre) Gecko/20091023 SeaMonkey/2.0.1pre

User avatar
Giorgio Maone
Site Admin
Posts: 8662
Joined: Wed Mar 18, 2009 11:22 pm
Location: Palermo - Italy
Contact:

Re: feature rq: intercept at-end javascripts such as "are you su

Post by Giorgio Maone » Sun Oct 25, 2009 6:09 pm

I suppose it's attached directly from within the Flash applet. Don't you know Flash can do Javascript?
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)

User avatar
therube
Ambassador
Posts: 7302
Joined: Thu Mar 19, 2009 4:17 pm
Location: Maryland USA

Re: feature rq: intercept at-end javascripts such as "are you su

Post by therube » Wed Oct 28, 2009 1:17 am

Found another source for this type of message.

http://mail.live.com/

Log in.
New (as in new message).
Type some text into the message box.
Click the Cancel button.

Code: Select all

Are you sure you want to navigate away from this page?
You're about to throw away this message without sending it.
Press OK to continue, or Cancel to stay on the current page.

Unaffected by the above surrogate, though don't know if it should be?
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5pre) Gecko/20091023 SeaMonkey/2.0.1pre

Post Reply