Security: Command Line API
Reported by samdde...@gmail.com, Mar 18 2018
Issue description

VULNERABILITY DETAILS
Chromium Command Line APIs are available to all Functions invoked by DevTools. Once the functions have been invoked, they can create global references to methods such as `copy` & `inspect`.

This allows the following -
- Command Line API methods can be called an infinite amount of times, outside of the initial DevTools command context.
- Data can be repeatedly copied to the clipboard without permission - even when the window is not in focus
- Calling the inspect API repeatedly can:
  - Prevent the ability to switch Console tabs
  - Keep the browser window in the foreground - allowing pop-unders

VERSION
Chrome Version: 66.0.3359.33

REPRODUCTION CASE
See the attached HTML file for some demos

1. Create a function accessible from inside DevTools (or override commonly used commands inside DevTools such as `console.log`)
2. That function now has access to all of the Command Line APIs - https://developers.google.com/web/tools/chrome-devtools/console/command-line-reference
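A simplified model of the lifetime problem described in the report, as an added example that is not from the original report or from Chromium. The evaluator, `guardedCopy` and `runScenario` are hypothetical names and the array stands in for the clipboard; the block contrasts a helper that stays callable after the console command ends with one bound to the command's lifetime.

```javascript
// Simplified model (an assumption, not Chromium code): a console evaluator
// that exposes a helper on the global object only while a command runs.
const clipboardWrites = [];               // stands in for the system clipboard

function makeEvaluator({ revocable }) {
  let active = false;                     // true only while a console command runs
  const rawCopy = (text) => { clipboardWrites.push(String(text)); };
  // Lifetime-bound variant: refuses to run once the command has finished.
  const guardedCopy = (text) => {
    if (!active) throw new Error("copy() used outside console command");
    rawCopy(text);
  };
  return function evaluate(command) {
    globalThis.copy = revocable ? guardedCopy : rawCopy;
    active = true;
    try {
      return command();
    } finally {
      active = false;
      delete globalThis.copy;             // helper leaves the global scope
    }
  };
}

// Constructed page code: a function the user calls from the console that
// keeps a reference to the helper it saw during that call.
function runScenario(revocable) {
  clipboardWrites.length = 0;
  let stashed = null;
  const pageFunction = () => { stashed = globalThis.copy; stashed("in-context"); };

  makeEvaluator({ revocable })(pageFunction);

  let lateCallBlocked = false;
  try {
    stashed("after-context");             // call made after the command finished
  } catch (e) {
    lateCallBlocked = true;
  }
  return {
    writes: [...clipboardWrites],
    lateCallBlocked,
    helperStillGlobal: "copy" in globalThis,
  };
}
```

Removing the helper from the global scope does not help once a reference has been stored; only the lifetime check inside the helper stops the later call.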
Mar 19 2018
I don't think this is an issue. If the page really wants to prevent debugging, there is nothing we can do. Note that closing DevTools renders both copy() and inspect() useless anyway.
Jun 26 2018
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by dominickn@chromium.org, Mar 18 2018
Components: Platform>DevTools
Labels: Security_Impact-Stable OS-Android OS-Chrome OS-Linux OS-Mac OS-Windows