If a long user name is used in a username/password combination in a site URL (such as 'http://UserName:Password@sometime.org'), the resulting modal prompt will hang in a non-responsive state or crash, causing a denial of service on the browser as a whole. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7783 Acknowledgements: Name: the Mozilla project Upstream: Amit Sangra