Mozilla Developing Secure Full-Screen Firefox Feature

However, O'Callahan said that Mozilla is concerned about security issues, for example about the fact that a user will not see the URL of a service in full-screen mode.

The engineer suggested that Mozilla could go different routes to make full-screen scenarios more secure, for example by enabling full-screen modes only through a manual user request and providing a pop-up window.

"We can make sure that when going full-screen, we display a clear message describing how to leave full-screen - like Flash does, but hopefully better, O'Callahan wrote. "Then if a malicious page goes full-screen when the user didn't want to, the user will probably exit full-screen immediately."

More problematic are spoofing attacks that occur when a full-screen window is already opened. However, O'Callahan says that "most spoofing attacks require user input that the browser can detect" in which cases the URL bar could be shown. But even there appear to be issues, as especially games are designed to be in full-screen mode all the time "while receiving the full range of user input."

Mozilla does not have a solution for this problem and is asking security researchers for feedback.

Latest

Grab this cool retro console inspired keyboard for just $83

After years of testing, Seagate claims its heat-assisted HAMR drives are as reliable as traditional PMR storage

HP Enterprise sues China's Inspur for patent infringement, claims it's continuing US operations despite sanctions

See more latest ►

16 Comments Comment from the forums

HansVonOhain

And this feature will be on firefox 9.
Reply
HansVonOhainAnd this feature will be on firefox 9.
So by Nov then, sweet!
Reply
amigafan

I see Tom's just like Mozilla started with scheme of lots of minor and actually unimportant stuff released extremely often.
Reply
KonstantinDK

Just make sure you can close it with ESC. And make sure every one knows that (display a tip when move mouse to the side of screen)
Reply
And now we move the URL box 1 pixel to the left ... OMG FIREFOX 7
Reply
aaron88_7

Call me old fashioned but I like toolbars, menus, and browser skins. I have a 23" monitor, I don't need a full screen browser. After all, it's just a f-ing web browser. Most websites still aren't even optimized for widescreen so I don't know what they think people are missing out on.

Next thing they'll be making their browsers compatible with triple monitor displays....
Reply
DSpider

Man, hackers will have a blast if they can get a fullscreen HTML5 portal to look like Windows XP (7 hasn't caught on yet for the majority of middle-aged men and women).

Haha. I remember I sent a screenshot to one of my mom's co-workers a few years back and she didn't know how to close it. Hahahahahaha. She said she kept clicking the red X button from the picture for a minute or so. Omg... And I even had the silver theme on... I hope I don't EVER get like this when I'm old. Damn.
Reply
JasonAkkerman

Full screen??? hmmm F11 anyone?
Reply
jacobdrj

What makes this secure?

Full screen is awesome on my netbook, FYI...
Reply
brandonjclark

Hmm, I've got seven tabs open right now and am using around 192mb. Sure, that's a lot for certain. But still, don't double the figure dude....

Also, I see this as a bad thing. It sounds like it could be hijacked and then the user would think they were connecting to a site but it could then be spoofed.
Reply

Show more comments

Stay on the Cutting Edge

Most Popular