Issue 698414 link

Starred by 1 user

Issue metadata

Status:	Duplicate
Merged:	issue 626951
Owner:	----
Closed:	Mar 2017
EstimatedDays:	----
NextAction:	----
OS:	----
Pri:	----
Type:	Bug-Security
allpublic

Security: URL spoofing

Reported by hiquresh...@gmail.com, Mar 3 2017

Issue description

VULNERABILITY DETAILS
The browser ignores every ".com" between "http://" and last ".com". this can be used to spoof the url bar.

VERSION
Chrome Version: Version 56.0.2924.87 (64-bit)
Operating System: Mac OSX

REPRODUCTION CASE
https://google.com@twitter.com@facebook.com

The browser will only understand facebook.com and leave the rest of .com. This can be used to spoof the address bar and steal user credentials.

Comment 1 by vakh@chromium.org, Mar 3 2017

Mergedinto: 626951
Status: Duplicate (was: Unconfirmed)

Thanks for reporting the issue.
Chrome handles this issue by graying out the non origin part to make it clear to the user which origin they're on.

Comment 2 by elawrence@chromium.org, Mar 3 2017

Labels: -Restrict-View-SecurityTeam allpublic

Chrome doesn't show the userinfo for such URLs as soon as the navigation completes. See also https://www.chromium.org/Home/chromium-security/security-faq#TOC-Is-Chrome-s-support-for-userinfo-in-HTTP-URLs-e.g.-http:-user:password-example.com-considered-a-vulnerability-

►

Issue 698414 link

Issue metadata

Security: URL spoofing

Issue description

Comment 1 by vakh@chromium.org, Mar 3 2017

Comment 1 Deleted

Comment 2 by elawrence@chromium.org, Mar 3 2017

Comment 2 Deleted

Sign in to add a comment