Issue 714086 link

Starred by 2 users

Issue metadata

Status:	WontFix
Owner:	----
Closed:	Apr 2017
EstimatedDays:	----
NextAction:	----
OS:	----
Pri:	----
Type:	Bug-Security
allpublic

Security: Location redirect with cookie data

Reported by valentin...@gmail.com, Apr 21 2017

Issue description

VULNERABILITY DETAILS
With a simple onerror attribute on an image tag, one can redirect the user via javascript to another page including the cookie data.

VERSION
Chrome Version: 58.0.3029.81 stable
Operating System: OSX Yosemite 10.10.5

REPRODUCTION CASE
Check the attached file for the one-line exploit.

chrome_securitybug.html
233 bytes View Download

Comment 1 by elawrence@chromium.org, Apr 21 2017

Labels: -Restrict-View-SecurityTeam allpublic
Status: WontFix (was: Unconfirmed)

This is entirely expected. JavaScript running in a web page has access to most (non-HTTPOnly) cookies and it can do with them as it pleases, including navigating to a different page.

►

Issue 714086 link

Issue metadata

Security: Location redirect with cookie data

Issue description

Comment 1 by elawrence@chromium.org, Apr 21 2017

Comment 1 Deleted

Sign in to add a comment