How to Spot a Fake Address Bar in Chrome on Android
This is bad, but it gets worse. Normally, when the user scrolls up, Chrome will re-display the true URL bar. But we can trick Chrome so that it never re-displays the true URL bar! Once Chrome hides the URL bar, we move the entire page content into a “scroll jail” – that is, a new element with overflow:scroll. Then the user thinks they’re scrolling up in the page, but in fact they’re only scrolling up in the scroll jail! Like a dream in Inception, the user believes they’re in their own browser, but they’re actually in a browser within their browser.