New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 672948 link

Starred by 1 user
Status: Assigned
Owner:
qin...@chromium.org
Cc:
est...@chromium.org
dah...@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Android
Pri: 2
Type: Bug



Sign in to add a comment

Duplicate Download infobar does not properly elide URLs

Project Member Reported by dewittj@chromium.org, Dec 9 2016 
When the duplicate infobar pops up, it asks "Do you want to download %URL again?".  If %URL is large, it will elide by inserting an ellipsis in the middle.  Unfortunately, scammers can use this to obscure the true domain of a page.

Existing utilities for securely eliding a URL don't exist on Android.

The security impact of this is limited because elsewhere in the UI we display the true origin of download.

Split off from Issue 657341
screenshot-070c55b9-20161209T112836.png
78.1 KB View Download
screenshot-070c55b9-20161209T112903.png
722 KB View Download

Comment 1 by dewittj@chromium.org, Dec 9 2016

Components: UI>Browser>Offline

Comment 2 by dim...@chromium.org, Dec 14 2016

Status: Assigned (was: Untriaged)

Comment 3 by qin...@chromium.org, Jan 24 2017

Labels: -M-57 M-58

Comment 4 by dah...@chromium.org, Apr 6 2017

Labels: -M-58 M-59

Sign in to add a comment