In which version of Chrome on which operating system are you able to reproduce this? You're typing "facebook.com/%00anything_goes_here" in the address bar?

I cannot reproduce this; if it does occur, it's surprising, although likely not a security bug.

I am typing in the address bar of google chrome,

I have typed facebook.com/%00hacker.com then it reproduced this

"https://www.google.co.in/search?q=facebook.com%2F%2500hacker.com&oq=facebook.com%2F%2500hacker.com&aqs=chrome..69i57.7620j0j1&sourceid=chrome&ie=UTF-8"

I think the %00 is responsible for this behaviour.

Not only facebook.com
"any_domain.com/%00anything"

anything=any string
any_domain= any valid domain

the chrome seems to process it to a query in google.com


Request:
hackerone.com/%00ink.com

I have typed in google chrome web broswer

Response:

https://www.google.co.in/search?q=hackerone.com%2F%2500ink.com&oq=hackerone.com%2F%2500ink.com&aqs=chrome..69i57.11010j0j9&sourceid=chrome&ie=UTF-8










Google Chrome Version 59.0.3071.115 (Official Build) (64-bit)

Thank you for providing more feedback. Adding requester "elawrence@chromium.org" to the cc list and removing "Needs-Feedback" label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

My Operating system is Windows 7 Ultimate

My Chrome web browser is Up to date:


Google Chrome Version 59.0.3071.115 (Official Build) (64-bit)


Please find my operating system details in the attachment below.

Deleted: Chrome.png 120 KB

	Chrome.png 120 KB View Download

Yes, typing a non-URL (or a malformed url, as in this case) in the OmniBox results in a search, as indicated by the icon to the left of the text. This is working as designed. 

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot