New issue
Advanced search Search tips

Issue 797778 link

Starred by 1 user
Status: Verified
Owner:
rob@robwu.nl
Closed: Jan 2018
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug



Sign in to add a comment

--allow-insecure-localhost not working for IPv6 ( https://[::1]/ )

Project Member Reported by rob@robwu.nl, Dec 27 2017 
I started Chrome with --allow-insecure-localhost and tried to visit https://[::1]:8080/.
Instead of the localhost page (with a self-signed certificate), I see the "Your connection is not private" interstitial.

A quick look through the source shows that net::IsLocalhost is used. This function does not treat "[::1]" as localhost; callers should ensure that the host has no brackets around it.
Project Member

Comment 1 by bugdroid1@chromium.org, Jan 14 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f79b3bae327fee2d365d8e2e3a9d8b937d86608c

commit f79b3bae327fee2d365d8e2e3a9d8b937d86608c
Author: Rob Wu <rob@robwu.nl>
Date: Sun Jan 14 01:54:31 2018

Rename IsLocalhost(host) to HostStringIsLocalhost(host); add IsLocalhost(GURL)

Several call sites incorrectly used GURL::host or GURL::host_piece as an
argument to net::IsLocalhost. This function only expects IPv6 addresses
without brackets. Since the vast majority of the callers start off with
a GURL, change net::IsLocalhost(StringPiece) to net::IsLocalhost(GURL).

For callers that do not have a GURL, and only a host name (e.g. Blink code),
net::HostStringIsLocalhost is added (which behaves like the old net::IsLocalhost).

BUG= 797778 
TEST=Start Chrome with --allow-insecure-localhost, visit https://[::1]/
     and confirm that the site loads without intersitial.

Cq-Include-Trybots: master.tryserver.chromium.mac:ios-simulator-full-configs
Change-Id: Ibb1cbf3f061ea2070d5e479ac4119a813a7e98a7
Reviewed-on: https://chromium-review.googlesource.com/844777
Commit-Queue: Rob Wu <rob@robwu.nl>
Reviewed-by: Eric Roman <eroman@chromium.org>
Reviewed-by: Scott Violet <sky@chromium.org>
Cr-Commit-Position: refs/heads/master@{#529180}
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/chrome/browser/android/history_report/usage_report_util.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/chrome/browser/client_hints/client_hints.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/chrome/browser/installable/installable_manager.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/chrome/browser/page_load_metrics/observers/local_network_requests_page_load_metrics_observer.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/chrome/browser/ssl/chrome_ssl_host_state_delegate.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/components/data_reduction_proxy/core/browser/data_reduction_proxy_delegate.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/components/history/core/browser/typed_url_sync_bridge.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/components/history/core/browser/typed_url_syncable_service.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/components/payments/content/origin_security_checker.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/components/payments/content/utility/payment_manifest_parser.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/components/payments/core/payment_manifest_downloader.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/components/rappor/rappor_utils.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/components/rappor/rappor_utils_unittest.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/components/safe_browsing/password_protection/password_protection_service.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/components/security_state/core/security_state.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/components/ssl_errors/error_classification.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/content/browser/service_worker/service_worker_write_to_cache_job.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/content/browser/web_contents/web_contents_impl.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/content/common/origin_util.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/extensions/browser/api/socket/socket_api.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/extensions/browser/extension_throttle_manager.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/headless/lib/browser/headless_content_browser_client.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/ios/web/public/origin_util.mm
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/net/base/network_change_notifier.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/net/base/url_util.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/net/base/url_util.h
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/net/base/url_util_unittest.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/net/url_request/url_request_http_job.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/net/url_request/url_request_throttler_manager.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/net/websockets/websocket_stream.cc
[modify] https://crrev.com/f79b3bae327fee2d365d8e2e3a9d8b937d86608c/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp

Comment 2 by rob@robwu.nl, Jan 14 2018

Labels: M-65
Status: Verified (was: Started)
Verified fixed on Canary 65.0.3322.0 by starting Chrome with --allow-insecure-localhost and confirming that https://[::1]:1234/ can be opened without an interstitial.

Sign in to add a comment