Issue 900893 link

Starred by 1 user

Issue metadata

Status:	Assigned
Owner:	privard@chromium.org
Components:	Enterprise
EstimatedDays:	----
NextAction:	----
OS:	Android
Pri:	2
Type:	Bug
Enterprise-Triaged Needs-Feedback Arch-x86_64 Via-Wizard-Enterprise

".google.com" not getting accessed when blacklist and whitelist policy configured

Reported by rahgu...@qualys.com, Nov 1

Issue description

Steps to reproduce the problem:
1.set below policy in google chrome.
"URLWhitelist": "[\".google.com\"]"
"URLBlacklist": "[\"*\"]"
2.Now try to access google by entering "https://google.com" it will not allow 
3. here chrome convert "https://google.com" to "https://www.google.com" so it will block access to google.

What is the expected behavior?
it should allow access, if user enter in omnibox "https://google.com" otherwise it should block.

What went wrong?
 here chrome convert "https://google.com" to "https://www.google.com" so it will block access to google.

Did this work before? N/A 

Chrome version: 70.0.3538.80  Channel: stable
OS Version: 7.0
Flash Version:

Comment 1 by chelamcherla@chromium.org, Nov 2

Labels: Needs-triage-Mobile

Comment 2 by jbanavatu@chromium.org, Nov 2

Labels: -Needs-triage-Mobile

Removing Needs-triage-Mobile label as this is Enterprise related.

Thanks!

Comment 3 by pmarko@chromium.org, Nov 5

chrome itself converts to www.google.com - this is a server-side redirect.
I.e. when accessing google.com, the server sends a message indicating (HTTP 301) indicating that the browser should instead access www.google.com.
So I'm afraid chrome really can't do much here.
What's the reason for not allowing all of google.com or at least www.google.com + .google.com ?

Comment 4 by mpear...@chromium.org, Nov 13

Labels: Needs-Feedback
Status: Untriaged (was: Unconfirmed)

Adding Needs-Feedback for the original reporter to reply to the workaround posed in comment #3.

Comment 5 by rahgu...@qualys.com, Nov 14

Hey 
thanks for update 
but i believe chromium should check from where it access google.com. 
prior redirect received to www.google.com

Comment 6 by pmarko@chromium.org, Nov 19

The whitelist is evaluated on the effective URLs loaded, not only on what the user entered into the omnibar. Redirects (which is happening here) / hyperlinks are very common on the Web and not applying the whitelist to those would be weird.

Comment 7 by macourteau@chromium.org, Nov 29

Labels: Enterprise-Triaged
Owner: privard@chromium.org

Assigning to privard@ for prioritization.

Comment 8 by benhenry@google.com, Jan 11

Status: Assigned (was: Untriaged)

This issue has an owner, a component and a priority, but is still listed as untriaged or unconfirmed. By definition, this bug is triaged. Changing status to "assigned". Please reach out to me if you disagree with how I've done this.

►

Issue 900893 link

Issue metadata

".google.com" not getting accessed when blacklist and whitelist policy configured

Issue description

Comment 1 by chelamcherla@chromium.org, Nov 2

Comment 1 Deleted

Comment 2 by jbanavatu@chromium.org, Nov 2

Comment 2 Deleted

Comment 3 by pmarko@chromium.org, Nov 5

Comment 3 Deleted

Comment 4 by mpear...@chromium.org, Nov 13

Comment 4 Deleted

Comment 5 by rahgu...@qualys.com, Nov 14

Comment 5 Deleted

Comment 6 by pmarko@chromium.org, Nov 19

Comment 6 Deleted

Comment 7 by macourteau@chromium.org, Nov 29

Comment 7 Deleted

Comment 8 by benhenry@google.com, Jan 11

Comment 8 Deleted

Sign in to add a comment