Issue metadata
Sign in to add a comment
|
Security: Chrome loads domains with a trailing dot
Reported by
krzyc...@gmail.com,
Feb 2 2018
|
||||||||||||||||||||
Issue descriptionHi. Today I've discovered possible security bug in Chrome. I've noticed that Chrome works very strange when domain address ends with dot. For example: https://www.google.com. As You can suspect - it should be ended with Domain Not Found exception BUT... IT WORKS!!!! What is most strange - it find a proper IP address and pushes HTTP Host Header: www.google.com. For Google, the site is working properly because it redirects to https://www.google.com For YouTube it stays with https://www.youtube.com. But there are sites that don't work correctly and generates HTTP 400 or infinity redirect loop.
,
May 12 2018
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||
Comment 1 by elawrence@chromium.org
, Feb 2 2018Status: WontFix (was: Unconfirmed)
Summary: Security: Chrome loads domains with a trailing dot (was: Security: Dot Truble)