Address Bar Spoofing with userinfo@domain
Reported by rayyan...@gmail.com, Apr 30 2017
Issue description

UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Steps to reproduce the problem:
1) http://Facebook.com@evil.com

I am able to spoof the whole DNS just by using @ in the browser.

What is the expected behavior?
Well, Mozilla has a countermeasure for this bug: when we try to do the same thing in Firefox, Firefox gives a popup with a note written in it: You are about to log in to the site "evil.com" with the username "facebook%2Ecom", but the website does not require authentication. This may be an attempt to trick you. Is "evil.com" the site you want to visit?

What went wrong?
When I tested the same bug on Google Chrome, it didn't give me any warning message. Instead, I'm simply redirected to evil.com.

Did this work before? N/A

Chrome version: 58.0.3029.81
Channel: stable
OS Version: 10.0
Flash Version:
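The URL in the report is parsed by browsers exactly as the URL syntax prescribes: everything before the "@" is userinfo, and the real host is what follows it. The check below is an added example (not code from the report or from Chromium) showing how a defender-side URL filter, for instance in a mail or proxy gateway, can surface that real host and flag a username that looks like a decoy hostname, including the percent-encoded form "facebook%2Ecom" quoted from the Firefox warning. The function and class names are assumptions for this example; the sample URLs are constructed.

```python
from dataclasses import dataclass
from typing import List, Optional
from urllib.parse import urlsplit, unquote


@dataclass
class UserinfoFinding:
    url: str
    username: str      # text before "@" that a reader may mistake for the site
    real_host: str     # the host the browser will actually connect to
    decoy_host: bool   # True when the username itself looks like a hostname


def check_userinfo(url: str) -> Optional[UserinfoFinding]:
    """Return a finding when the URL carries a userinfo part, else None.

    urlsplit applies the standard rule: the authority is split at the LAST "@",
    so "http://Facebook.com@evil.com" has hostname "evil.com" and
    username "Facebook.com", which is what the report observed.
    """
    parts = urlsplit(url)
    if parts.username is None and parts.password is None:
        return None                      # no userinfo, nothing to flag
    username = parts.username or ""
    real_host = (parts.hostname or "").lower()
    # Heuristic: a username containing a dot (after decoding %2E and friends)
    # reads like a domain name, the classic decoy pattern from the report.
    decoy = "." in unquote(username)
    return UserinfoFinding(url, username, real_host, decoy)


def scan_urls(urls: List[str]) -> List[UserinfoFinding]:
    """Filter a batch of URLs (e.g. extracted from a message) to those with userinfo."""
    findings = []
    for url in urls:
        finding = check_userinfo(url)
        if finding is not None:
            findings.append(finding)
    return findings


if __name__ == "__main__":
    # Constructed sample input: the report's URL, its percent-encoded variant,
    # an ordinary credential URL, and a benign login page.
    sample = ["http://Facebook.com@evil.com",
              "http://facebook%2Ecom@evil.com",
              "http://admin:secret@intranet.example",
              "https://www.example.com/login"]
    for f in scan_urls(sample):
        print(f"{f.url}: real host {f.real_host!r}, userinfo {f.username!r}, decoy={f.decoy_host}")
```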
May 1 2017
Please see https://dev.chromium.org/Home/chromium-security/security-faq#TOC-Is-Chrome-s-support-for-userinfo-in-HTTP-URLs-e.g.-http:-user:password-example.com-considered-a-vulnerability- for discussion.
Aug 7 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot