New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 823706 link

Starred by 3 users
Status: Available
Owner: ----
Cc:
tommycli@chromium.org
dschuyler@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Android , Windows , Chrome , Mac , Fuchsia
Pri: 3
Type: Bug
Team-Security-UX



Sign in to add a comment

It's possible to add invalid exception patterns

Reported by gmia...@opera.com, Mar 20 2018 
UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36 OPR/51.0.2830.55

Steps to reproduce the problem:
1. Go to chrome://settings/content/cookies
2. Add Block exception for [*.].google.com

What is the expected behavior?
Not possible to add above pattern
Pattern blocking cookies on google.com

What went wrong?
No cookies blocked

Did this work before? N/A 

Chrome version: 64.0.3282.186  Channel: n/a
OS Version: OS X 10.13.3
Flash Version: Shockwave Flash 29.0 r0

Correct pattern [*.]google.com works just fine. But when dot is between ] and hostname it doesn't work.

Comment 1 by elawrence@chromium.org, Mar 20 2018

Components: UI>Browser>SiteSettings
Labels: -Type-Bug-Security -Restrict-View-SecurityTeam FoundIn-67 FoundIn-64 OS-Android OS-Chrome OS-Fuchsia OS-Linux OS-Windows Type-Bug
Status: Untriaged (was: Unconfirmed)
While there are many typographical errors a user could make in constructing a pattern, this particular one seems like something the validation logic could detect.

Comment 2 by raymes@chromium.org, Mar 21 2018

Cc: dschuyler@chromium.org tommycli@chromium.org
Labels: -Pri-2 Pri-3
Status: Available (was: Untriaged)

Sign in to add a comment