-
Notifications
You must be signed in to change notification settings - Fork 65
ALLOWPOPUPS_HTML_CHECK
Anthony Trummer edited this page Jan 6, 2022
·
4 revisions
When the allowpopups
attribute is present, the guest page will be allowed to open new
windows. Pop-ups are disabled by default.
Disabling pop-ups reduces the risk of UI-redressing attacks and limits the exploitability of window abuses. Additionally, pop-ups are often used for intrusive advertising and persistency in JavaScript-based attacks.
Search for the specific allowpopups
blinkfeatures attribute in webview
tags:
<webview src="https://doyensec.com/" allowpopups></webview>