New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.
Starred by 4 users

Issue metadata

Status: Fixed
Owner:
Last visit > 30 days ago
Closed: Jan 2010
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 2
Type: Feature

Restricted
  • Only users with Commit permission may comment.



Sign in to add a comment
link

Issue 2238: Add search engine dialog doesn't allow "{" (open curly brace); can interfere with javascript

Reported by dgingr...@gmail.com, Sep 13 2008

Issue description

Product Version      : 0.2.149.29 (build 1798)
URLs (if applicable) :
Other browsers tested:
Add OK or FAIL after other browsers where you have tested this issue:
    Firefox 3: OK

What steps will reproduce the problem?
1. Right click Omnibox -> Edit search engines... -> Add
2. set Name to 'test'; Keyword: blank; 
3. set URL to 'javascript:alert("test");' (Note "OK" button is active)
4. set URL to 'javascript:alert("test");{};' (Note "OK" button is inactive)


What is the expected result?

Should be able to create new search engine that is a "javascript:" URL containing a "{"


What happens instead?

Cannot save new search engine (can't click "OK")


Please provide any additional information below. Attach a screenshot if possible.

This happens with any "{" character in the Add Search Engine dialog, e.g. "http://google.com/{" 
also fails.

This only happens in the Add Search Engine dialog.  'javascript:alert("test");{};' works in a 
bookmark or when typed into the Omnibox.  (Suspect it conflicts with the use of "{google:baseURL}" 
strings in Search Engines?)

Seems to work for historically imported bookmarklets.  It worked for my existing reddit 
bookmarklets (which had a keyword in Firefox) and failed when I tried to upgrade.  The URL is:

javascript:function b(){var u=encodeURIComponent(location.href);var 
i=document.getElementById('redstat')||document.createElement('a');var 
s=i.style;s.position='fixed';s.top='0';s.left='0';s.zIndex='10002';i.id='redstat';i.href='http://ww
w.reddit.com/submit?url='+u+'&title='+encodeURIComponent(document.title);var 
q=i.firstChild||document.createElement('img');q.src='http://www.reddit.com/d/like.png?
v='+Math.random()+'&uh=aiaa6louc107573d3fa96181c3966f33b56df3d1647fb32157&u='+u;i.appendChild(q);do
cument.body.appendChild(i)};b()

There are other strange combinations that can't be saved:

ok:   http://1
fail: http://1~
ok:   http://1~@
ok    http://1/~
fail: http://1%
ok:   http://1%@
ok:   http://1/%
 

Comment 1 by sky@chromium.org, Sep 15 2008

We're using the OSDD syntax, and must be treating characters between {} as bogus. 
Getting the parser to work correctly with javascript here might be tricky.

Comment 2 by mal.chro...@gmail.com, Sep 30 2008

Labels: -area-unknown Area-Misc

Comment 3 by gwilson@chromium.org, May 20 2009

Labels: -Type-Bug -Area-Misc Type-Feature Area-BrowserUI
Status: Untriaged

Comment 4 by lafo...@chromium.org, Jun 9 2009

Labels: Mstone-X HelpWanted
Status: Available

Comment 5 by ben@chromium.org, Oct 2 2009

Labels: Feature-Omnibox

Comment 6 by sky@chromium.org, Dec 3 2009

 Issue 29308  has been merged into this issue.

Comment 7 by oritm@chromium.org, Dec 18 2009

Labels: -Area-BrowserUI Area-UI-Features
Area-UI-Features label replaces Area-BrowserUI label

Comment 8 by avayvod@chromium.org, Jan 19 2010

Status: Started

Comment 9 by bugdro...@gmail.com, Jan 21 2010

The following revision refers to this bug:
    http://src.chromium.org/viewvc/chrome?view=rev&revision=36743 

------------------------------------------------------------------------
r36743 | avayvod@chromium.org | 2010-01-21 01:58:47 -0800 (Thu, 21 Jan 2010) | 7 lines
Changed paths:
   M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/browser/search_engines/template_url.cc?r1=36743&r2=36742
   M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/browser/search_engines/template_url.h?r1=36743&r2=36742
   M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/browser/search_engines/template_url_unittest.cc?r1=36743&r2=36742

Removed restriction for {} so that javascript blocks can be used in the url.
Added unittests for TemplateURLRef::ParseParameter and TemplateURLRef::ParseURL methods.

BUG= 2238 
TEST=Try adding urls with different combinations of {}, they all should work.

Review URL: http://codereview.chromium.org/555012
------------------------------------------------------------------------

Comment 10 by avayvod@chromium.org, Jan 21 2010

Status: Fixed

Comment 11 by bugdroid1@chromium.org, Oct 12 2012

Project Member
Labels: Restrict-AddIssueComment-Commit
This issue has been closed for some time. No one will pay attention to new comments.
If you are seeing this bug or have new data, please click New Issue to start a new bug.

Comment 12 by bugdroid1@chromium.org, Mar 11 2013

Project Member
Labels: -Feature-Omnibox Cr-UI-Browser-Omnibox

Sign in to add a comment