PDFs should not be allowed to navigate to "chrome://newtab" URL
Reported by
chromium...@gmail.com,
Mar 9 2016
Issue description
VERSION
Chrome Version: 51.0.2671.0 canary
Operating System: Windows 7
REPRODUCTION CASE
1. Open testcase.pdf in Chrome.
2. Click on the link (chrome://newtab).
,
Mar 10 2016
,
Mar 10 2016
,
Mar 10 2016
,
Mar 10 2016
Also issue 528505 which is similar to this issue.
,
Apr 1 2016
tsepez@: Uh oh! This issue is still open and hasn't been updated in the last 21 days. Since this is a serious security vulnerability, we want to make sure progress is happening. Can you update the bug with current status, and what, if anything, is blocking? If you are not the right Owner for this bug, please find someone else to own it as soon as possible and remove yourself as Owner. If the issue is already fixed or you are unable to reproduce it, please close the bug. (And thanks for fixing the bug!). These nags can be disabled by adding a 'WIP' label and an optional codereview link. - Your friendly ClusterFuzz
,
Apr 21 2016
tsepez: Uh oh! This issue is still open and hasn't been updated in the last 43 days. This is a serious vulnerability, and we want to ensure that there's progress. Could you please leave an update with the current status and any potential blockers? If you're not the right owner for this issue, could you please remove yourself as soon as possible or help us find the right one? If the issue is fixed or you can't reproduce it, please close the bug. If you've started working on a fix, please set the status to Started. Thanks for your time! To disable nags, add the Disable-Nags label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Apr 26 2016
Any updates on this bug?
,
May 6 2016
tsepez: Uh oh! This issue is still open and hasn't been updated in the last 58 days. This is a serious vulnerability, and we want to ensure that there's progress. Could you please leave an update with the current status and any potential blockers? If you're not the right owner for this issue, could you please remove yourself as soon as possible or help us find the right one? If the issue is fixed or you can't reproduce it, please close the bug. If you've started working on a fix, please set the status to Started. Thanks for your time! To disable nags, add the Disable-Nags label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
May 25 2016
Hmmm. The example .pdf is actually navigating to https://www.google.com/_/chrome/newtab, e.g.
<</Type /Action /S /URI /URI (https://www.google.com/_/chrome/newtab)>>
Which would be allowed for HTML as well, so I don't think there's an issue here.
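The check made in the comment above, reading each link's actual /URI action target out of the PDF instead of relying on how the link is labelled, as an added example that is not part of the original thread or of Chromium's code. The blocked-scheme set and the second and third sample objects are assumptions made for illustration, and only uncompressed objects are scanned.

```python
import re
from urllib.parse import urlsplit

# Assumed policy for this sketch: schemes a link in untrusted content must not reach.
BLOCKED_SCHEMES = {"chrome", "file", "javascript"}
# A /URI key followed by a string object; the subtype name in "/S /URI" has no string after it.
URI_KEY = re.compile(rb"/URI\s*(?=\(|<(?!<))")
ESCAPES = {b"n": b"\n", b"r": b"\r", b"t": b"\t", b"b": b"\b", b"f": b"\f"}

def read_string(data, i):
    """Decode the PDF string at data[i]: '(' literal or '<' hex (no line-continuation escapes)."""
    if data[i:i + 1] == b"<":
        digits = re.sub(rb"\s", b"", data[i + 1:data.index(b">", i)])
        digits += b"0" * (len(digits) % 2)  # PDF pads an odd-length hex string with 0
        return bytes.fromhex(digits.decode("ascii"))
    out, depth, i = bytearray(), 1, i + 1
    while i < len(data) and depth:
        ch = data[i:i + 1]
        if ch == b"\\":
            octal = re.match(rb"[0-7]{1,3}", data[i + 1:i + 4])
            if octal:  # \ddd octal escape
                out.append(int(octal.group(), 8) & 0xFF)
                i += 1 + len(octal.group())
            else:      # \n, \r, \t, \b, \f, \(, \), \\
                nxt = data[i + 1:i + 2]
                out += ESCAPES.get(nxt, nxt)
                i += 2
            continue
        depth += (ch == b"(") - (ch == b")")  # unescaped parentheses nest
        if depth:
            out += ch
        i += 1
    return bytes(out)

def uri_actions(pdf_bytes):
    """Return (target, scheme, blocked) for every /URI string in uncompressed objects."""
    found = []
    for m in URI_KEY.finditer(pdf_bytes):
        target = read_string(pdf_bytes, m.end()).decode("latin-1").strip()
        scheme = urlsplit(target).scheme.lower()
        found.append((target, scheme, scheme in BLOCKED_SCHEMES))
    return found

# Constructed sample: object 1 carries the action quoted in the thread; 2 and 3 are made up.
SAMPLE = (
    b"1 0 obj <</Type /Action /S /URI /URI (https://www.google.com/_/chrome/newtab)>> endobj\n"
    b"2 0 obj <</Type /Action /S /URI /URI (chrome://newtab)>> endobj\n"
    b"3 0 obj <</S /URI /URI <6368726f6d653a2f2f6e6577746162>>> endobj\n"
)
```

Calling `uri_actions(SAMPLE)` marks only the second and third targets as blocked; the https target from the thread's test case is not.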
,
Sep 1 2016
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Oct 1 2016
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Oct 2 2016
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Oct 2 2016
Comment 1 by infe...@chromium.org, Mar 10 2016
Components: Internals>Plugins>PDF
Labels: Security_Severity-Medium Security_Impact-Stable
Owner: tsepez@chromium.org
Status: Assigned (was: Unconfirmed)