Issue metadata
Sign in to add a comment
|
Chrome does nothing when page redirects to https:///
Reported by
lutoma...@gmail.com,
Apr 19 2016
|
||||||||||||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36 Example URL: Steps to reproduce the problem: 1. Set up a web server that redirects to https:/// 2. Access that page in chrome/chromium What is the expected behavior? Chrome should display an error of sort about an invalid redirect. If the redirect is permanent, Chrome should not cache it. What went wrong? Instead, absolutely nothing happens. Chrome just stays on the current page without any indication it even attempted to load the page. I first thought my browser was broken before I found the invalid redirect using netcat. To make things worse, if the redirect was permanent, any future attempts to access also fail without any indication why. Did this work before? N/A Chrome version: 49.0.2623.110 Channel: stable OS Version: Flash Version: Shockwave Flash 21.0 r0
,
Apr 19 2016
I can reproduce this with a test server. We end up getting an ERR_ABORTED message after the redirect is processed. I will dig further.
,
Apr 19 2016
The problem is here: https://code.google.com/p/chromium/codesearch#chromium/src/content/browser/child_process_security_policy_impl.cc&rcl=1461064657&l=582 The resource loader doesn't let the renderer request this URL for security reasons. Should we error out sooner in the stack? Could URLRequestJob understand that this is an invalid redirect and show an error? Maybe UNSAFE_REDIRECT?
,
Apr 19 2016
I don't actually know anything about ChildProcessSecurityPolicy. What's invalid about the redirect?
,
Apr 19 2016
So, I think the idea is that we're fundamentally suspicious of the renderer process, so if it wants to access an invalid url (i.e. http:///) we kill the request. "http:///" is an invalid url per GURL::is_invald. It seems like we shouldn't be blaming the renderer for this, though. ccing a few more people for thoughts.
,
Apr 19 2016
Oh. I missed that the URL is nonsense. I thought "https:///" was just a placeholder or something. Having the URLRequest notice the URL is nonsense seems reasonable enough? And/or maybe ChildProcessSecurityPolicy should fail with something other than ERR_ABORTED so we end up surfacing a net error page. ERR_INVALID_URL?
,
Apr 19 2016
Those suggestions sounds good. Seems like we should error out before we've learned the permanent redirect.
,
Apr 20 2016
Oh, I see. So URLRequest actually does check this just fine. But we (reasonably) check ChildProcessSecurityPolicy before asking URLRequest to do anything. We could probably make URLRequest check the target URL *before* following the redirect, but that won't handle if the renderer decides to fetch an invalid URL right off the bat. I suspect Blink will stop you, but it seems the ResourceLoader should behave the same in both cases. I think I'm leaning towards ChildProcessSecurityPolicy codepaths using a better error code, though it means we duplicate more code. The other option is for CanRequestURL to return *true* for URLs (kinda like net::URLRequest::IsHandledURL does, even though it's unreachable in all callers).
,
Apr 20 2016
Hrm. So, here's what it looks like if I make ChildProcessSecurityPolicy fail with a different error. It's still slightly weird because we report the original URL, but maybe that's fine? Incidentally, Firefox has the same behavior we currently do in aborting the commit without any visible error.
,
Apr 20 2016
Here's a possible fix. https://codereview.chromium.org/1903133004/
,
Apr 19 2017
Merging this into issue #462272 which has more discussion. |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by lutoma...@gmail.com
, Apr 19 2016