New issue
Advanced search Search tips

Issue 816101 link

Starred by 2 users

Issue metadata

Status: WontFix
Owner: ----
Closed: Feb 2018
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Sign in to add a comment

Security: Chrome Extension can modify HTTP headers and cause errors in Gmail

Reported by surajpaw...@gmail.com, Feb 24 2018

Issue description

Hi sir,
The security bug in chrome is, when you open Gmail.com and login to your account 
you will get this error : [ Gmail is having authentication problems. Some features may not work. Try  logging in  to fix the problem ]
 When you will click on logging in it will reload gmail and again give same error.

This happens when we install the chrome extension (MOD HEADER) ModHeader 2.1.2
This extension is usually used to bypass the whm login 

If we keep on clicking try logging in to fix the problem , many times gmail will ask us to verify our account that we are humans and not robots . 

Please check image for exact issue. 


 
Capture.PNG
15.9 KB View Download
Status: WontFix (was: Unconfirmed)
Summary: Security: Chrome Extension can modify HTTP headers and cause errors in Gmail (was: Security: Chrome Extension Giving Error)
This does not describe a security vulnerability in Chrome. The extension in question [1] is designed to modify HTTP headers, and there are absolutely modifications that can cause a website, including GMail, to stop functioning correctly. If you do not wish this extension to modify your network traffic, either uninstall it, or reconfigure it to not modify traffic to GMail.


[1] https://chrome.google.com/webstore/detail/modheader/idgpnmonknjnojddfkpgkljpfnnfcklj?hl=en
Project Member

Comment 2 by sheriffbot@chromium.org, Jun 3 2018

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment