Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
FireFox is configured to allow JavaScript to move or resize windows.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15779 | DTBF181 | SV-16718r1_rule | Medium |
| Description |
|---|
| JavaScript can make changes to the browser’s appearance. This activity can help disguise an attack taking place in a minimized background window. Set browser setting to prevent scripts on visited websites from moving and resizing browser windows. |
| STIG | Date |
|---|---|
| Mozilla Firefox Security Technical Implementation Guide | 2017-12-21 |
Details
| Check Text ( C-16624r1_chk ) |
|---|
| In About:Config, verify that the preference name “dom.disable_window_move_resize" is set and locked to “true”. Criteria: If the parameter is set incorrectly, then this is a finding. If the setting is not locked, then this is a finding. |
| Fix Text (F-15996r1_fix) |
|---|
| Ensure the preference "dom.disable_window_move_resize" is set and locked to the value of “true”. |