Security: url spoof in slow network
Reported by ma7h1a...@gmail.com, Sep 7
Issue description

VULNERABILITY DETAILS
The onbeforeunload function could be abused in a slow network, causing a URL spoof.

VERSION
Chrome Version: 69
Operating System: Windows 7 / OS X

See the online demo: http://f.3cm.me/r/chrome_spoof.html

Reproduction steps: see chrome_spoof.gif
Sep 10
This has come up before, but basically there are mitigating factors since the attacker doesn't know the user's destination URL, and the browser still shows the navigation is in progress.

In more detail:

In issue 698156 (WontFix), we pointed out that the browser intentionally shows user-initiated URLs while they're pending. The current page can change its appearance during that time, but there are cues that the navigation is still in progress (e.g., spinner going, no lock icon).
Discussion: https://bugs.chromium.org/p/chromium/issues/detail?id=698156#c8

Similarly, in issue 719856 (WontFix), we pointed out this boils down to the omnibox trying to do two jobs at once (showing where you're going and where you are). We tried making progress on hard UX problems there (and offline), but no luck so far.
Discussion: https://bugs.chromium.org/p/chromium/issues/detail?id=719856#c11

Marking as a duplicate of the latter, since any discussion to improve the UX should probably happen there.
Dec 18
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by mpdenton@google.com, Sep 7
Components: UI>Browser>Navigation
Labels: Security_Severity-Low Security_Impact-Stable OS-Mac OS-Windows Pri-2
Owner: k...@chromium.org
Status: Assigned (was: Unconfirmed)