Closed
Bug 1356182
Opened 8 years ago
Closed 4 years ago
Custom tabs: cannot display long URL properly
Categories
(Firefox for Android Graveyard :: General, enhancement, P2)
Firefox for Android Graveyard
General
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: walkingice, Unassigned)
References
Details
Attachments
(4 files)
If we navigate to long URL, the title-view or url-view doesn't wrap well.
I only reproduce it on Nexus-5/Android 6.0.1. (navigate to https://www.google.com.tw) Not sure whether prior Android version will be effect or not.
Reporter | ||
Comment 1•8 years ago
|
||
We can set ellipse to the text view.
Sebastian, do you think it might cause potential security bug?
Flags: needinfo?(s.kaspari)
Comment 2•8 years ago
|
||
(In reply to Julian Chu [:walkingice] from comment #1)
> Created attachment 8857888 [details]
> set ellipsize to text view
>
> We can set ellipse to the text view.
>
> Sebastian, do you think it might cause potential security bug?
It's one of those things where someone could try to spoof the URL by pretending to be another page by moving the actual page domain out of the visible area. A naive way of doing this would be [wwwwwwwwwwwwwwwwwww.google.com].evil-site.com where only the part between [] is visible.
Chrome custom tabs seem to suffer from the same problem (see attached screenshot).
This isn't even fully solved in Fennec - although you can at least click into the URL bar and the see everything. See bug 1236431 for some history. Back then we tried to solve this by only showing the *origin* part of the domain. We pulled this in bug 1268753 again. But this might still be a suitable approach for custom tabs - where we not want to show the full URL/domain necessarily. Also see bug 1271998 for a proposal to make this less problematic in Fennec.
Flags: needinfo?(s.kaspari)
Reporter | ||
Comment 4•7 years ago
|
||
Tried to wrap textview in HorizontalScrollView, likely it is close to the proposal. This attachment is running on Android 4.4.4 CyanogenMod.
Comment 5•7 years ago
|
||
this is likely the older implementation. does it still apply to 57 implementation?
on a quick test, things look fine to me.
[triage] Potential spoofing so potentially critical - I'd suggest we consider Sebastian's approaches, in particular just showing the origin.
Assignee: walkingice0204 → nobody
Priority: P2 → P1
Updated•7 years ago
|
Priority: P1 → P2
Comment 7•4 years ago
|
||
We have completed our launch of our new Firefox on Android. The development of the new versions use GitHub for issue tracking. If the bug report still reproduces in a current version of [Firefox on Android nightly](https://play.google.com/store/apps/details?id=org.mozilla.fenix) an issue can be reported at the [Fenix GitHub project](https://github.com/mozilla-mobile/fenix/). If you want to discuss your report please use [Mozilla's chat](https://wiki.mozilla.org/Matrix#Connect_to_Matrix) server https://chat.mozilla.org and join the [#fenix](https://chat.mozilla.org/#/room/#fenix:mozilla.org) channel.
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → INCOMPLETE
Assignee | ||
Updated•4 years ago
|
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•