URL parsing error caused by a specific GET parameter
Reported by
a...@sched.org,
Aug 5 2016
|
|
Issue descriptionChrome Version : 54.0.2819.0 (Official Build) canary (64-bit) URLs (if applicable) : https://www.linkedin.com/uas/oauth2/authorization?scope=r_basicprofile+r_fullprofile+r_emailaddress+r_network&state=c0133f601a97a323887b219edef8f2f7&client_id=mUfaAGdi-CaK43cZu8ZbUC5zSa79eFkjkpOFttds5hCQPHkoxiYqgLewZKabcJ6i&redirect_uri=https%3A%2F%2Fsched.org%2Fconnect%2Flinkedin%3Fsuccess&response_type=code Other browsers tested: Safari: OK 10.0 (12602.1.43) Firefox: OK 48.0b6 IE: OK 11.0.9600.18378 What steps will reproduce the problem? (1) Enter the URL above (2) Hit enter (3) URL gets misinterpreted as http://linkedin/?success&code=AQQsThNr_AiIrzQ_cmEZk_Eh9mwyBVLTysdnURlK0HH2w3uSSeU-kmD3AOOd5f1dDMMd5VIfA03QihExhw-MCJ5t_c5ylTGVD6WfgwMKaBVC-QH6m44&state=c0133f601a97a323887b219edef8f2f7#! What is the expected result? Correct interpreting of the URL (as entered). What happens instead? Part of the "redirect_uri" GET parameter gets interpreted as the beginning of the URL. Please provide any additional information below. Attach a screenshot if possible. The issue is somewhere in the "client_id" parameter - if i remove it, the URL gets parsed just fine. Note that this only happens with *this particular* value for the "client_id". Other values thus far worked fine. Also, note that URLencoding the value does not help. This issue was reported to us by our customer, who couldn't connect his LinkedIn profile to our app, and was kind enough to provide the request URL. This is the only instance of this happening that was ever reported to us.
,
Aug 5 2016
Nevermind, got it. Apparently, Preserve Log doesn't work for me when Dev Tools are started from a blank tab in Canary, and only shows the blank tabs requests (i.e. it behaves as if the subsequent URLs opened are new/separate tabs). Sorry for the confusion. |
|
►
Sign in to add a comment |
|
Comment 1 by nhar...@chromium.org
, Aug 5 2016