New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 837666 link

Starred by 2 users
Status: Untriaged
Owner: ----
Cc:
clamy@chromium.org
jcivelli@chromium.org
nasko@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug



Sign in to add a comment

Redirects to chrome:// URLs should be blocked with the network service

Project Member Reported by jcivelli@chromium.org, Apr 27 2018 
The content browser test NavigationHandleImplBrowserTest.RedirectToRendererDebugUrl fails with the network service and should be fixed.
This test validates that redirects to a chrome URL are blocked.
It seems in the network service case we won't block redirect to chrome URLs.
For instance:
https://tinyurl.com/3lj5h3l
that redirects to chrome://settings It fails somehow but it looks like the redirect does happen.

Note that the blocking should happen for navigations and subresources.
clamy@ suggested to provide a list of schemes to the network service when  created for which we would block redirects to.

Comment 1 by jcivelli@chromium.org, May 9 2018 

Per a previous discussion: "we should block redirects to non-web schemes (with with ERR_UNSAFE_REDIRECT)."

Comment 2 by dpa...@chromium.org, May 18 2018

Components: UI>Browser>Navigation

Sign in to add a comment