The Mozilla Foundation Security Advisory describes this flaw as: A background script invoking requestFullscreen
and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks.