Share your repls and programming experiences

← Back to all posts
Browser Crasher
xxpertHacker (390)

About a month ago, I had opened Chromium bug reports explaining this, informing them that a single page can crash a whole browser, but they... seem to have not really cared, so Chromium is okay with it, thus this cannot be considered illegal or malicious, as the developers don't care.


Update

As of today, September 9th, Chromium finally acknowledged this bug and successfully replicated it, meaning the bug should be fixed within the year.


Looping location.reload quickly in JavaScript can lock up the browser.
But... many factors come into play:

  • Page size: large pages load slower, thus they reload slower too, if it's too slow, it's completely ineffective, although annoying.
  • Loading speed: Related to the previous point, but there is more to loading than size, and HTML is just slow to parse in general, especially poorly designed HTML.
  • Execution speed: There are a few micro-optimizations that can be applied to improve the performance of the loop.

So, how do you beat all 3?

CSS: A style-less page will load faster than one with style, so I cut it out.
Loading speed: Cut out everything unnecessary for a basic webpage to test the crash. HTML is slow to parse, so I used XHTML instead. Lastly, the page has no external data to fetch, it's all in one page.
Execution speed: There's much that can be done to improve speed here:

  • Simply opting into "strict mode" improves performance noticeably.
    An example of what we could use:
for (;;) {
    location.refresh();
}

This is straightforward and simple, but... it's not at it's best. refresh takes a boolean argument determining whether or not to reload from the server or cache, true indicating that it should load from the server.
As we used location.refresh, we kept doing a method lookup, directly binding to the function would be better.

const { reload } = location;

Unfortunately, reload exists on the prototype of the Location class, it requires the this of the location object, so it needs to be bound, put together:

"use strict";

const refresh = location.refresh.bind(location, false);
// false -> load from cache; faster than HTTP request to the server

for (;;) {
    refresh();
}

Now, that is probably the best you can do in JavaScript... but JavaScript isn't the only option for usage on the web, and I know how to use the other one: https://en.wikipedia.org/wiki/Webassembly. Wasm loads faster than JavaScript, parses faster, and executes faster, so you know what I did.

(I don't want to grab the source)

What the attached Wasm looks like in JavaScript is essentially just this:

import reload;

function _start() {
    for (;;) {
        reload();
    }
}

Very similar, yet what difference is there? It's faster in every way, that's it.

Now, why would you use this webpage? Maybe you want to redirect specific users from a specific URL on your server to it? ¯\_(ツ)_

Go check the source, run the page, have fun!


Report this to your browser vendor

I have already opened a Chromium report regarding this bug myself.
If you are on another browser, ex: Firefox, Safari, Edge, Opera, and this works, please report it to them as appropriate.
This bug is very annoying, I have personally opened the page too many times while developing it, and it almost crashed my low RAM computer :)

Commentshotnewtop
Barry123 (82)

@xxpertHacker pretty impressive, but

How do you un-crash the browser?!

xxpertHacker (390)

@Barry123 Oh, umm... now that's for another day. :)

Barry123 (82)

Yay now I fixed it :D

LD1 (42)

Doesn't appear to work on safari, but it works on Chrome, Chromium, and Brave

xxpertHacker (390)

@LD1 Ooh, you use Brave too? That's the browser I developed this on!
Safari doesn't support JavaScript modules on XHTML pages, that should be reported.

DungeonMaster00 (131)

for some reason this didnt crash firefox on ubuntu but i closed a window and it was still running so i had to restart my pc

xxpertHacker (390)

@DungeonMaster00 Oh, you're lucky, it crashed quite a few other people, including myself (more than once).

Some browsers it won't work on at all (eg: Safari), and practically all mobile browsers, since they simply don't support running that webpage properly.

Also, why didn't you try using a task manager or something similar, if you hadn't crashed?

DungeonMaster00 (131)

@xxpertHacker didnt think of it

also i reccomend ubuntu because it is basically an easy-to-use linux distribution

xxpertHacker (390)

@DungeonMaster00 Hmm... I'll pass, but at least we agree that we would prefer to use Linux, is that good enough?

LD1 (42)

I wouldn't recommend trying this on Firefox on Mac. I tried it, and now I can't get it unfrozen (deleting and reinstalling, rebooting). Nothing seems to work. Good thing is that I don't use firefox.

xxpertHacker (390)

@LD1 RIP, that sounds bad, you might want to try to report that for us.

LD1 (42)

@xxpertHacker Yes, I got it to work again and reported it. Seems like it just takes time for firefox to unfreeze, rebooting and reinstalling for whatever reason didn't work (at least not for me)

Leroy01010 (370)

i found out how to uncrash the browser

CodingRobot12 (186)

This seems cool but based on the other people's comments I am not going to run it lol

xxpertHacker (390)

@CodingRobot12 But, read the bottom of the post, you gotta run it lol.

johndo3 (16)

you destroyed my windows XP computer you owe me $10 jk

CarlosRosiles (185)

It froze my Chromebook for about 5 to 10 minutes! I had to shut it down for it to work again!

Leroy01010 (370)

I KNOW HOW TO UNCRASH THE BROWSER

SixBeeps (3064)

thus this cannot be considered illegal or malicious, as the developers don't care.

Ah yes, so I presume finding a security flaw in Windows and making a virus that exploits it is perfectly fine then?

Jokes aside, this is a nice find. It's incredible that this hasn't been patched yet, as it seems way too simple of a bug to use.

xxpertHacker (390)

@SixBeeps This is honestly the simplest bug I've spotted in a browser to date; I've seen people carefully thinking things outdoing some weird complicated stuff, carefully timing everything, etc, but this... it's effortless and surprisingly powerful, but it doesn't do too much, I can't steal your data or something.
But yeah I seriously did report it and they don't seem to care, someone might want to test if it affects Firefox, Safari, etc, and report it to them as appropriate.

RohilPatel (1251)

You know I like running:

location.href = "/haha";

on a server

xxpertHacker (390)

@RohilPatel Haha, maybe send your banned users here lol.

xxpertHacker (390)

@RohilPatel It's all right, all of my servers will redirect you here too :)