Mozilla in the process of developing a secure full screen browsing feature

Mozilla’s Robert O’Callahan has been recorded saying that Mozilla was developing a full screen browsing feature for its Firefox browser for web apps to use. The main motivation behind this has been to improve security issues, the primary security concern is the fact users cannot see the URL of the place they are visiting when currently using full screen mode. The engineer suggested that Mozilla could go different routes to make full-screen scenarios more secure, for example by enabling full-screen modes only through a manual user request and providing a pop-up window.

“We can make sure that when going full-screen, we display a clear message describing how to leave full-screen – like Flash does, but hopefully better, Then if a malicious page goes full-screen when the user didn’t want to, the user will probably exit full-screen immediately.”

Other problems include Spoofing attacks when users are in full screen mode, most of the problems are being cited to full screen games which isolate the user into a different window but give them the full range of inputs and so they can often be tricked into breaching their own security. Mozilla has not currently developed the secure browsing full screen feature and is asking for assistance from its security researcher’s feedback to help develop it.

Source