New issue
Advanced search Search tips

Issue 645434 link

Starred by 1 user
Status: Duplicate
Merged: issue 643173
Owner: ----
Closed: Sep 2016
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Sign in to add a comment

Security: wrong SSL certificate in browser after redirecting by link to external domain.

Reported by igor.mol...@gmail.com, Sep 9 2016 
VULNERABILITY DETAILS
After redirecting to another domain, browser shows certificate of previous domain from where i was redirected to.

VERSION
Chrome Version: 55.0.2853.0 dev-m
Operating System: Win 7 x64 SP1

REPRODUCTION CASE

when i come to site from one domain to another, browser shows me on badge and in detail information on SSL certificate of domain where i come from, but not the real certificate of domain i come to.

it's appears when clicking to any link to another domain in twitter f.ex.
https://t.co/O3irqkVLFo
result you can see in attached screenshot.
chrome_2016-09-09_14-30-40.jpg
19.6 KB View Download
chrome_2016-09-09_14-42-32.jpg
27.5 KB View Download

Comment 1 by elawrence@chromium.org, Sep 9 2016

Components: Security>UX
Very likely dupe of 643173, fixed in Canary.

Comment 2 by elawrence@chromium.org, Sep 9 2016

Mergedinto: 643173
Status: Duplicate (was: Unconfirmed)
That build is 416812, fix is 416849, so the fix will be in the next build.

Comment 3 by lafo...@chromium.org, Dec 9 2016

Components: -Security>UX
Labels: Team-Security-UX
Security>UX component is deprecated in favor of the Team-Security-UX label
Project Member

Comment 4 by sheriffbot@chromium.org, Dec 17 2016

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment