Issue 712304 link

Starred by 1 user

Issue metadata

Status:	Fixed
Owner:	nparker@chromium.org
Closed:	Nov 2017
Cc:	vakh@chromium.org
Components:	Services>Safebrowsing
EstimatedDays:	----
NextAction:	----
OS:	All
Pri:	3
Type:	Bug
SafeBrowsing-Triaged Hotlist-EnamelAndFriendsFixIt

Participants' hotlists:
EnamelAndFriendsFixIt

Only check standard web URLs against whitelists

Project Member Reported by nparker@chromium.org, Apr 17 2017

Issue description

V4LocalDatabaseManager::MatchCsdWhitelistUrl() doesn't call CanCheckUurl() first.  I think it should, since otherwise we'll try to match weird non HTTP/HTTPS/FTP URLs against the whitelist and get unpredictable results.

There might be other spots within the database manager that should check it.

Comment 1 by est...@chromium.org, Nov 10 2017

Labels: Hotlist-EnamelAndFriendsFixIt

Project Member

Comment 2 by bugdroid1@chromium.org, Nov 16 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/80ab613e67a52907c2c850bc59c11695bb8f8846

commit 80ab613e67a52907c2c850bc59c11695bb8f8846
Author: Nathan Parker <nparker@chromium.org>
Date: Thu Nov 16 06:33:48 2017

Remove MatchCsdWhitelistUrl() from safe browsing code

Bug:  714300 , 712304 
Change-Id: I95df2d633b8838fe77971f1816e0e424e239b60c
Reviewed-on: https://chromium-review.googlesource.com/773658
Commit-Queue: Nathan Parker <nparker@chromium.org>
Reviewed-by: Varun Khaneja <vakh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#516999}
[modify] https://crrev.com/80ab613e67a52907c2c850bc59c11695bb8f8846/chrome/browser/safe_browsing/local_database_manager.h
[modify] https://crrev.com/80ab613e67a52907c2c850bc59c11695bb8f8846/components/safe_browsing/android/remote_database_manager.cc
[modify] https://crrev.com/80ab613e67a52907c2c850bc59c11695bb8f8846/components/safe_browsing/android/remote_database_manager.h
[modify] https://crrev.com/80ab613e67a52907c2c850bc59c11695bb8f8846/components/safe_browsing/db/database_manager.h
[modify] https://crrev.com/80ab613e67a52907c2c850bc59c11695bb8f8846/components/safe_browsing/db/test_database_manager.cc
[modify] https://crrev.com/80ab613e67a52907c2c850bc59c11695bb8f8846/components/safe_browsing/db/test_database_manager.h
[modify] https://crrev.com/80ab613e67a52907c2c850bc59c11695bb8f8846/components/safe_browsing/db/v4_local_database_manager.cc
[modify] https://crrev.com/80ab613e67a52907c2c850bc59c11695bb8f8846/components/safe_browsing/db/v4_local_database_manager.h
[modify] https://crrev.com/80ab613e67a52907c2c850bc59c11695bb8f8846/components/safe_browsing/db/v4_local_database_manager_unittest.cc

Comment 3 by nparker@chromium.org, Nov 17 2017

Status: Fixed (was: Assigned)

►

Issue 712304 link

Issue metadata

Only check standard web URLs against whitelists

Issue description

Comment 1 by est...@chromium.org, Nov 10 2017

Comment 1 Deleted

Comment 2 by bugdroid1@chromium.org, Nov 16 2017

Comment 2 Deleted

Comment 3 by nparker@chromium.org, Nov 17 2017

Comment 3 Deleted

Sign in to add a comment