New issue
Advanced search Search tips

Issue 615883 link

Starred by 1 user
Status: Duplicate
Merged: issue 598338
Owner: ----
Closed: May 2016
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug-Security



Sign in to add a comment

Unsafe (HTTP) remote desktop MSI download

Reported by fir...@gmail.com, May 30 2016 
UserAgent: Mozilla/5.0 (Windows NT 6.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.63 Safari/537.36

Steps to reproduce the problem:
In /src/remoting/webapp/crd/js/host_installer.js:

Win32 and Win64 values in HOST_DOWNLOAD_URLS are HTTP URLs.

https://code.google.com/p/chromium/codesearch#chromium/src/remoting/webapp/crd/js/host_installer.js&q=chromeremotedesktophost.msi&sq=package:chromium&type=cs&l=81

What is the expected behavior?

What went wrong?
Should be HTTPS...

Did this work before? N/A 

Chrome version: 51.0.2704.63  Channel: stable
OS Version: 6.3
Flash Version: Shockwave Flash 21.0 r0

Comment 1 by mea...@chromium.org, May 31 2016

Mergedinto: 598338
Status: Duplicate (was: Unconfirmed)
Thanks, we are aware of the issue and working on it.
Project Member

Comment 2 by sheriffbot@chromium.org, Sep 20 2016

Labels: -Restrict-View-SecurityTeam
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 3 by sheriffbot@chromium.org, Oct 1 2016 

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 4 by sheriffbot@chromium.org, Oct 2 2016 

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 5 by mbarbe...@chromium.org, Oct 2 2016

Labels: allpublic

Sign in to add a comment