Omnibox spoofing via UserInfo
Reported by anasmahm...@gmail.com, Aug 18 2017
Issue description

UserAgent: Mozilla/5.0 (Windows NT 6.1; rv:55.0) Gecko/20100101 Firefox/55.0

Steps to reproduce the problem:
1. First of all, open the latest version of the Chrome browser and copy the link http://www.google.com----@evil.com
2. Now paste this link in the address bar of the browser
3. You will be redirected to evil.com

What is the expected behavior?
Don't redirect to evil.com without confirmation

What went wrong?
Redirect to evil.com without confirmation.

Did this work before? N/A

Chrome version: 60.0.3112.101 Channel: n/a
OS Version: Windows 7
Flash Version: Shockwave Flash 10.2 r159

Google Chrome renders this http://www.google.com----@evil.com as http://evil.com. Firefox handles this situation correctly.

Let me know if you have any questions or need more info.

Thanks
Cheers
Anas
Comment 1 by anasmahm...@gmail.com, Aug 18 2017
Thanks
Aug 18 2017
I want to change the title to "URL SPOOFING VULNERABILITY"
Aug 18 2017
To be clear here, there's no "redirection"; the URL in step #1 points at evil.com. Please see https://chromium.googlesource.com/chromium/src/+/master/docs/security/faq.md#Is-Chrome_s-support-for-userinfo-in-HTTP-URLs-e_g_http_user_password_example_com_considered-a-vulnerability for discussion.
Nov 25 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot