One developer has encountered a potential security risk in Chrome. You can hide the URL bar while the page displays its own URL bar. As a result, users can no longer leave the page.
Because of how it works through a web page on the webpage to fool the user, James Fisher calls it "Inception Bar". Your proof of concept contains no malware, but it shows how it works. For example, the page with the explanation scrolling up shows a URL bar containing the HSBC bank page. As a result, malicious parties could use the technique in spoofing.
If the url bar disappears from the screen, the developer will place the entire page in a & # 39; scroll jail & # 39; with a scroll: overflow element in the code. If the user then scrolls up, this happens on that element of the web page, but not on the page itself. As a result, Chrome will not display the URL bar again.
The technique also works by scrolling up with a large fill element at the top of the page. This puts the user back at the beginning of the article. The technology does not work without failures. In some cases, the browser displays the slash, so a double slash can be seen.
The technology would no longer work if Google decided not to automatically hide the URL bar in Chrome for Android. This is happening for now, which means that this technology will continue to work for now. Google has not yet responded to the proof of concept.