Issue metadata
Sign in to add a comment
|
Middle clicking 'Privacy Policy' link on SSL error page crashes browser.
Reported by
dan.cole...@numatic.co.uk,
Jan 19 2017
|
||||||||||||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 Steps to reproduce the problem: 1. Navigate to a website which has an SSL error (SSL_CERT_AUTHORITY_INVALID). 2. When middle clicking the 'Privacy Policy' link, the browser completely crashes. 3. What is the expected behavior? The page either opens in a new tab/window or nothing happens altogether. What went wrong? The entire Chrome browser crashed. Crashed report ID: How much crashed? Whole browser Is it a problem with a plugin? N/A Did this work before? N/A Chrome version: 55.0.2883.87 Channel: stable OS Version: 10.0 Flash Version: Shockwave Flash 24.0 r0
,
Jan 19 2017
When trying on https://untrusted-root.badssl.com/, the page contents turn white, but the browser doesn't appear to crash. Chrome version 56.0.2924.67 beta on nyan_big.
,
Jan 19 2017
Crash repros on M55, example crash report: crash/9785fff080000000 Blank page repros on M57. The privacy policy actually uses an onclick handler to show the page, and it doesn't handle middle click properly: https://cs.chromium.org/chromium/src/components/security_interstitials/core/controller_client.cc?l=21&cl=GROK&gsn=kPrivacyLinkHtml
,
Jan 19 2017
meacer@, can you take a look at this?
,
Feb 2 2017
Same for me here. OS: Ubuntu Linux 16.04 Chromium version: Version 55.0.2883.87 console output: [6830:6854:0202/154540:ERROR:cert_verify_proc_nss.cc(942)] CERT_PKIXVerifyCert for <some domain> failed err=-8179 [6830:6830:0202/154719:FATAL:navigation_handle_impl.cc(470)] Check failed: url_ == params.url ( vs. about:blank) #0 0x7fb8871ec7be base::debug::StackTrace::StackTrace() #1 0x7fb887208247 logging::LogMessage::~LogMessage() #2 0x7fb881f88a1f content::NavigationHandleImpl::DidCommitNavigation() #3 0x7fb881f7b1a3 content::InterstitialPageNavigatorImpl::DidNavigate() #4 0x7fb881f95fc1 content::RenderFrameHostImpl::OnDidCommitProvisionalLoad() #5 0x7fb881f9e84e <unknown> #6 0x7fb8820fb9a9 <unknown> #7 0x7fb8809de3f4 IPC::ChannelProxy::Context::OnDispatchMessage() #8 0x7fb8871edccb base::debug::TaskAnnotator::RunTask() #9 0x7fb8872124cf base::MessageLoop::RunTask() #10 0x7fb887213b4d base::MessageLoop::DeferOrRunPendingTask() #11 0x7fb88721494d base::MessageLoop::DoWork() #12 0x7fb887214f61 base::MessagePumpGlib::Run() #13 0x7fb887236dc8 base::RunLoop::Run() #14 0x555d58e08117 <unknown> #15 0x7fb881eb522f content::BrowserMainLoop::RunMainMessageLoopParts() #16 0x7fb881eb749d <unknown> #17 0x7fb881eb1159 content::BrowserMain() #18 0x7fb8824ecd14 <unknown> #19 0x7fb8824ec021 content::ContentMain() #20 0x555d5887093c <unknown> #21 0x7fb8726b0830 __libc_start_main #22 0x555d58870809 <unknown> Aborted (core dumped)
,
Feb 7 2017
,
Feb 7 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/5ecfaa1461f7ec8faf7bae9456cf2888a7608add commit 5ecfaa1461f7ec8faf7bae9456cf2888a7608add Author: meacer <meacer@chromium.org> Date: Tue Feb 07 22:41:50 2017 Fix crash caused by middle clicking the privacy link in SSL interstitials Middle clicking the privacy link initiates a new navigation instead of an in-page navigation which causes a crash. This CL changes the link to an in-page link to prevent that. BUG= 682596 Review-Url: https://codereview.chromium.org/2673963004 Cr-Commit-Position: refs/heads/master@{#448753} [modify] https://crrev.com/5ecfaa1461f7ec8faf7bae9456cf2888a7608add/components/security_interstitials/core/controller_client.cc
,
Feb 13 2017
This is a one character fix and has been baking in Canary for 5 days. Requesting merge to M57.
,
Feb 13 2017
Your change meets the bar and is auto-approved for M57. Please go ahead and merge the CL to branch 2987 manually. Please contact milestone owner if you have questions. Owners: amineer@(clank), cmasso@(bling), ketakid@(cros), govind@(desktop) For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Feb 13 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/23d4cde5a1addad4c462335124a5a367baec3399 commit 23d4cde5a1addad4c462335124a5a367baec3399 Author: Mustafa Acer <meacer@chromium.org> Date: Mon Feb 13 19:48:19 2017 [Merge M57] Fix crash caused by middle clicking the privacy link in SSL interstitials Middle clicking the privacy link initiates a new navigation instead of an in-page navigation which causes a crash. This CL changes the link to an in-page link to prevent that. BUG= 682596 TBR=estark Review-Url: https://codereview.chromium.org/2673963004 Cr-Commit-Position: refs/heads/master@{#448753} (cherry picked from commit 5ecfaa1461f7ec8faf7bae9456cf2888a7608add) Review-Url: https://codereview.chromium.org/2692953002 . Cr-Commit-Position: refs/branch-heads/2987@{#483} Cr-Branched-From: ad51088c0e8776e8dcd963dbe752c4035ba6dab6-refs/heads/master@{#444943} [modify] https://crrev.com/23d4cde5a1addad4c462335124a5a367baec3399/components/security_interstitials/core/controller_client.cc
,
Feb 15 2017
**Ignore Previous comment** Tested this issue on Windows-10 and Mac OS 10.12 using chrome latest M57-57.0.2987.54 by following steps mentioned in the original comment. By opening the link https://untrusted-root.badssl.com/ unable to see any 'Privacy policy' link to verify this issue. But able to view the link on Ubuntu 14.04, by middle clicking on privacy policy no crashes has been observed. meacer@ Attaching screen-shot for reference, Could you please let us know how to verify this issue on Windows and Mac OS? Thanks!
,
Feb 15 2017
brajkumar@: Sorry for incomplete instructions. The checkbox is controlled by Finch, and I think you weren't automatically put in the right bucket that displays the checkbox. Can you please try running chrome with --force-fieldtrials=ReportCertificateErrors/ShowAndPossiblySend ?
,
Feb 15 2017
Thank you meacer@, Verified issue with Chrome 57.0.2987.54 on Windows 7,10, mac and Linux.
,
Feb 15 2017
Also note that middle click doesn't work on interstitials. Filed bug 692656 for that. |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by nyerramilli@chromium.org
, Jan 19 2017