I’ve never seen any website cause a firewall permission request

  • notfromhere@lemmy.one
    link
    fedilink
    English
    arrow-up
    97
    ·
    edit-2
    11 months ago

    Word of caution, if you have been browsing successfully until now, it could be a malicious javascript app or malware loaded from that website that is attempting to scan your network or do other things. In other words if this is a new firewall request above and beyond the standard one librewolf needs to function, proceed with cation.

    • waigl@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      11 months ago

      In theory, that shouldn’t even be possible with JavaScript. There’s such a thing as same-origin policy for that exact reason…

      • Cinner@lemmy.worldB
        link
        fedilink
        English
        arrow-up
        7
        ·
        11 months ago

        Have you really never heard of malware from JavaScript? Buffer overflows and sandbox escapes are almost all JavaScript, still, hasn’t changed in the last decade. Sometimes it’s a random font parser library or something, but almost always it’s JavaScript. And now that browsers are auto-updating and they have fully staffed security teams behind them that get word of a vulnerability being secretly exploited before the general public, most people don’t get hit just because they browsed to a random website. But it’s still possible, and especially likely that a shady torrent site could be hosting malware or get ““hacked””.

        • waigl@lemmy.world
          link
          fedilink
          English
          arrow-up
          8
          arrow-down
          1
          ·
          11 months ago

          I’ve read that article. It is complete garbage and doesn’t explain anything at all. It’s just standard cookie cutter fear mongering to sell some random antivirus software.

          • notfromhere@lemmy.one
            link
            fedilink
            English
            arrow-up
            4
            ·
            11 months ago

            That article is for lay-persons and really an awareness article I surmise. If you’re technical you are likely already aware of the security concerns with jacascript.

    • Nix@merv.newsOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      11 months ago

      That’s what I’m thinking, it happened when i tried to load their streaming player for the first time which historically have pop unders on streaming websites