Issue metadata
Sign in to add a comment
|
Security: Google Chrome allows user to load phishing URL without any security warnings.
Reported by
ja...@supmenow.com,
Sep 14 2016
|
||||||||||||||||||||||||
Issue descriptionPlease see the following link for instructions on filing security bugs: http://www.chromium.org/Home/chromium-security/reporting-security-bugs NOTE: Security bugs are normally made public once a fix has been widely deployed. VULNERABILITY DETAILS The Google Chrome Browser is able to load a spoofed Base 64 URL that when loaded, can load a remote webpage into the browser which harvests passwords. I have attached the screenshot of this page and a text file including the link. The browser fails to warn the user they have just loaded a base 64 file, and so the user could be fooled into entering in their credentials. This is usually sent as an attachment in email and I have just fallen foul of this. The UI additionally doesn't highlight clearly that it isn't secure unless you bother to click for more details. In the Base 64 URL the google URL is included to further confuse the user into thinking its the legitimate site. VERSION Chrome Version: 52.0.2743.116 + stable Operating System: OS X 10.11.6 REPRODUCTION CASE Follow the link attached in the text file to see how a user can load a phishing website via a base 64 link and chrome fails to warn about this.
,
Sep 14 2016
Adding meacer@, who is planning on disabling top-level navigations to data: URLs in some cases.
,
Sep 15 2016
,
Sep 15 2016
,
Sep 28 2016
mkwst: Uh oh! This issue still open and hasn't been updated in the last 14 days. This is a serious vulnerability, and we want to ensure that there's progress. Could you please leave an update with the current status and any potential blockers? If you're not the right owner for this issue, could you please remove yourself as soon as possible or help us find the right one? If the issue is fixed or you can't reproduce it, please close the bug. If you've started working on a fix, please set the status to Started. Thanks for your time! To disable nags, add the Disable-Nags label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Sep 28 2016
Yes. Loading `data:` URLs can be confusing, and I do think folks are poking at changing our behavior there (at least for forced navigation). Poking meacer@ again. ;)
,
Sep 28 2016
This should be fixed by bug 594215 which has ongoing discussions.
,
Nov 30 2016
,
Apr 22 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by penny...@chromium.org
, Sep 14 2016Components: UI>Browser>Navigation UI>Browser>Omnibox Security>UX
Labels: Security_Severity-Medium Security_Impact-Stable OS-All Pri-2
Owner: mkwst@chromium.org
Status: Assigned (was: Unconfirmed)
Summary: Security: Google Chrome allows user to load phishing URL without any security warnings. (was: [CRITICAL] Security: Google Chrome allows user to load phishing URL without any security warnings.)