New issue
Advanced search Search tips

Issue 601695 link

Starred by 2 users

Issue metadata

Status: Fixed
Owner:
Closed: Apr 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 1
Type: Bug-Regression



Sign in to add a comment

registerProtocolHandler via user gesture menu missing strings

Reported by kgra...@gmail.com, Apr 8 2016

Issue description

UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36

Steps to reproduce the problem:
1. have an onclick event trigger registerProtocolHandler
2. notice the domain string and protocol string are missing

What is the expected behavior?
It should show the domain string and protocol string in the menu

What went wrong?
It doesn't show the protocol or domain

Did this work before? N/A 

Chrome version: 49.0.2623.110  Channel: canary
OS Version: OS X 10.11.4
Flash Version: Shockwave Flash 21.0 r0

Note that this menu is different from the one which displays in the omnibox, which appears if you call registerProtocolHandler without a user gesture.
 
Screen Shot 2016-04-07 at 8.43.21 PM.png
28.5 KB View Download
Screen Shot 2016-04-07 at 8.43.43 PM.png
24.8 KB View Download
Labels: -OS-Mac
Owner: a...@chromium.org
Status: Assigned (was: Unconfirmed)
avi@, can you take a look at this or route it? I don't think it's Mac-specific.

Comment 2 by a...@chromium.org, Apr 12 2016

I found a test page at http://jsfiddle.net/zxv4E/1/ . I see your behavior. Let me bisect.

Comment 3 by a...@chromium.org, Apr 12 2016

Cc: a...@chromium.org
Labels: -Type-Bug -Pri-2 Security_Severity-Medium Pri-1 Type-Bug-Regression
Owner: f...@chromium.org
You are probably looking for a change made after 336030 (known good), but no later than 336054 (first known bad).
NOTE: There is a Blink roll in the range, you might also want to do a Blink bisect.
CHANGELOG URL:
  https://chromium.googlesource.com/chromium/src/+log/6dd51554c5c0c8378096aa47b04baf5b5c004560..cb9e7366feaa8e0af368389882cf59a5bcdf321b

This used to be an infobar, and it worked. https://chromium.googlesource.com/chromium/src/+/cb9e7366feaa8e0af368389882cf59a5bcdf321b changed lots of infobars (including this one) to be info bubbles, and it appears to have broken this.

Calling this a security regression. The user no longer has crucial information about the security question, and cannot make an informed decision.

Comment 4 by a...@chromium.org, Apr 12 2016

Components: Security

Comment 5 by f...@chromium.org, Apr 13 2016

Cc: dominickn@chromium.org
Components: -Security Security>UX
Labels: -Security_Severity-Medium Security_Severity-Low
Owner: benwells@chromium.org
ben, as the shiny new permission bubble owner, can you pick this up?


avi, for future reference you need to mark security bugs as Type=Bug-Security rather than Type=Bug-Regression for the right labels to get applied. (However, this would be quite challenging to exploit, so if it's a security bug it's at the most a low-security bug IMO. Therefore leaving as Type=Bug-Regression.)
Yep.
Labels: OS-Mac
I believe this is Mac only, and that the changes in https://codereview.chromium.org/1843063002 should address it.

Comment 8 by kgra...@gmail.com, Apr 14 2016

It's not mac only, I tested on ChromeOS stable too
I just tested using the link from #2 on ChromeOS stable and it shows the scheme - see the attached screenshot.

Do you see it on ChromeOS stable with that link?
Screenshot 2016-04-14 at 4.23.03 PM.png
164 KB View Download

Comment 10 by kgra...@gmail.com, Apr 14 2016

It's missing the protocol string, it just says Open {{blank}} links
Screenshot 2016-04-13 at 11.52.51 PM.png
7.2 KB View Download
Ooooh sorry totally misunderstood the issue :/

The good news is that on mac the http:// will soon be included :D
Project Member

Comment 12 by bugdroid1@chromium.org, Apr 19 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/9914498f18f195e38d42de4f1c2a65977056b813

commit 9914498f18f195e38d42de4f1c2a65977056b813
Author: benwells <benwells@chromium.org>
Date: Tue Apr 19 01:36:06 2016

Fix string resource for register protocol handler.

The string resource had a replacement placeholder that was unable to
be replaced.

BUG= 601695 

Review URL: https://codereview.chromium.org/1893273002

Cr-Commit-Position: refs/heads/master@{#388115}

[modify] https://crrev.com/9914498f18f195e38d42de4f1c2a65977056b813/chrome/app/generated_resources.grd

Status: Fixed (was: Assigned)
Components: -Security>UX
Labels: Team-Security-UX
Security>UX component is deprecated in favor of the Team-Security-UX label

Sign in to add a comment