Hi malware fighters,
Many have heard about JS exploits like clickjacking, but there are other JavaScript design flaws, as the following example shows.... First of all the user clicks on a button/link. Then a new tab/window opens which loads the content of hxxp://www.google.com. Five seconds later, the newly created tab is preloaded with the content of hxxp://www.gnucitizen.org. Disturbing here is the break in trust relationship between the user and google.com... and there are various other ways to play out this simple magic... as gnucitizen found.
<html>
<body>
<script>
function clickme() {
var w = window.open('hxxp://www.google.com');
setTimeout(function () {
w.location = 'hxxp://www.gnucitizen.org';
}, 5000);
}
</script>
<input type="button" value="click me" onclick="clickme(this)"/>
</body>
</html>
Just another reason to have NoScript and RequestPolicy inside the Fx browser,
polonus
