Allow opening NoScript menu if Firefox dialogs are open

[u.o.]

I stumbled accross a (German) order of punishment (scan, jpg), for someone who posted a link into a public chat, inside of HTML code (iframe), which got executed.

Out of interest, I opened the mentioned URL (attention! NSFW and your browser might crash!):
httX://gruene.on.nimp.org/ (exchange "X" with "p")

I saw only two (disgusting) images. Then I allowed scripts temporary with NoScript. Boom!
It can't exactly recall what happend when / in what order … it opened two download messages for a PDF and several messages, that Firefox doesnt know how to open „news“ URLs. And when I clicked „Okay“ at this last message, it opened this news URL again, again following the message, that Firefox does not know, how to open it.

And that means, that I was unable to „flee“. I couldnt close this malicious tab, I couldnt change tabs, couldnt open new tabs. And … I couldnt access the NoScript menu, because of these relentless opening Firefox messages (can't open "news" …).

And so I had no chance to disable this temporary allowed script. I had to kill the whole firefox process.

-> Would it be possible, to allow opening the NoScript menu, while there are Firefox dialogs open?

Or: what could I have done in this situation? If I edited some text in an other tab, this content would be lost because of killing the Firefox :/

[therube]

IMO, the best thing to do in those circumstances is to kill the browser.
Extensions should be up to date.
JavaScript should be disabled in Acrobat.
Better yet to not have PDFs open in the browser window, but rather open separately in Acrobat itself.

I'm going to assume that whatever key you may have pressed to try to get out, the site was capturing it & doing what it wanted to do in any case.

Code: Select all

function altf4key() { if (event.keyCode == 18 || event.keyCode == 115) alert("Our lawyer has informed ...

And when you're highly suspicious of a site, examine the code (for what it may be worth) before Allowing in NoScript.