Command execution

Talk about code development, features, specific bugs, enhancements, patches, and similar things.
Forum rules
Please keep everything here strictly on-topic.
This board is meant for Pale Moon source code development related subjects only like code snippets, patches, specific bugs, git, the repositories, etc.

This is not for tech support! Please do not post tech support questions in the "Development" board!
Please make sure not to use this board for support questions. Please post issues with specific websites, extensions, etc. in the relevant boards for those topics.

Please keep things on-topic as this forum will be used for reference for Pale Moon development. Expect topics that aren't relevant as such to be moved or deleted.
User avatar
amaama
Newbie
Newbie
Posts: 4
Joined: 2024-05-26, 03:25

Command execution

Unread post by amaama » 2024-05-26, 03:36

Hello,

we have extreme problems with criminals, who use the

"overflow: hidden"

command in their web page source code. We need a wait to completely prevent the browser to execute this command. How can this be done?

Thank you

leothetechguy
Moonbather
Moonbather
Posts: 73
Joined: 2020-12-10, 18:46

Re: Command execution

Unread post by leothetechguy » 2024-05-26, 08:31

There is nothing criminal about this css property: https://developer.mozilla.org/en-US/doc ... S/overflow. It just hides overflowing content, it's very useful and sometimes necessary for styling. The only malicious use case I could think of is to hide SEO keywords meant to boost the position in search results, but then not executing that property wouldn't fix that.

Maybe if you could describe your situation in more detail we could suggest other solutions using extensions, which would allow using upstream builds and make updating much easier. Because removing that property requires editing the source code and recompiling the browser, which would require you to keep maintaining a fork of the browser, reapplying that change to every new release. That change would also break a lot of tests I think, so that isn't trivial.

User avatar
amaama
Newbie
Newbie
Posts: 4
Joined: 2024-05-26, 03:25

Re: Command execution

Unread post by amaama » 2024-05-26, 13:43

The latest things is: we received emails from criminals, in which that command blocks us from seeing the rest of the email.

Sure, we do know that the source has to be worked on, and be recompiled. But since the problem is important all we can do is to stop that stupid command execution. The command is utterly useless, anyway.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35931
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Command execution

Unread post by Moonchild » 2024-05-26, 14:55

I don't understand why you think that it would be the browser's task to "correct" a poorly-designed HTML e-mail.
If all you are after is seeing the raw text content, then you can tap the Alt key (which displays the menu bar) then go to "View" -> "Page Style" and select "No Style".

However I would strongly advise not to take anything in a mail received from criminals as being truth! You SHOULD NOT interact with them.

User avatar
andyprough
Keeps coming back
Keeps coming back
Posts: 797
Joined: 2020-05-31, 04:33

Re: Command execution

Unread post by andyprough » 2024-05-26, 18:24

amaama wrote:
2024-05-26, 03:36
Hello,

we have extreme problems with criminals, who use the

"overflow: hidden"

command in their web page source code. We need a wait to completely prevent the browser to execute this command. How can this be done?

Thank you
If you are trying to disable css for a page, you can do that with the eMatrix add-on - https://addons.palemoon.org/addon/ematrix/

User avatar
amaama
Newbie
Newbie
Posts: 4
Joined: 2024-05-26, 03:25

Re: Command execution

Unread post by amaama » 2024-06-02, 10:48

I installed that matrix-stuff. But I have no idea how it works.


"Post disapproved:
"Command execution"
Reason: The post offers no constructive contribution to the general topic of the thread posted in..
2024-05-26, 16:51"

This is the second time that programmers show that the have no clues at all about how a program is used.

What a shame.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35931
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Command execution

Unread post by Moonchild » 2024-06-02, 10:58

amaama wrote:
2024-06-02, 10:48
This is the second time that programmers show that the have no clues at all about how a program is used.
Post disapproval for that reason means moderators disapproved your forum post for being completely irrelevant and/or pointless, e.g. if you were to just post a "?" and nothing else.
But if you're convinced as a result of that, that we have no clue what we're doing, then my suggestion is you go use a different piece of software instead.

User avatar
amaama
Newbie
Newbie
Posts: 4
Joined: 2024-05-26, 03:25

Re: Command execution

Unread post by amaama » 2024-06-12, 09:04

Your arrogance it NOT a way to handle a serious flaw in your software.

Does the message "Please enable JS and disable any ad blocker" tell you something?

As I said: We already encountered other "specialists" of the same kind.

User avatar
Kris_88
Keeps coming back
Keeps coming back
Posts: 965
Joined: 2021-01-26, 11:18

Re: Command execution

Unread post by Kris_88 » 2024-06-12, 10:18

amaama wrote:
2024-06-12, 09:04
Your arrogance it NOT a way to handle a serious flaw in your software.
Does the message "Please enable JS and disable any ad blocker" tell you something?
You say stupid things, obviously due to your lack of knowledge.
The browser does exactly what it is supposed to do, according to the standards. If the author of the page has made it so that under certain conditions the message "Please enable JS and disable any ad blocker" is displayed, then the browser will display it.
This is not a browser issue. The browser just interprets the page code as it should.

Post Reply