Closed
Bug 1403812
Opened 7 years ago
Closed 6 years ago
Address bar spoofing with RTL hostname
Categories (Firefox :: Address Bar, defect)
RESOLVED DUPLICATE of bug 1395508
People (Reporter: chromium.khalil, Unassigned)
Details (Keywords: csectype-spoof, sec-low)
Attachments (1 file): 431.34 KB, image/png
Comment 1•7 years ago
This does not spoof if the pref browser.urlbar.trimURLs is set to false. The LTR scheme seems to anchor the display to the right place. I can, however, reproduce the spoof with the default setting of true. The RTL domain is off to the left of the displayed portion, and the spoofy path is what users will see. The above means you could not spoof a secure domain because we would always show the "https://" part.
Status: UNCONFIRMED → NEW
status-firefox56: --- → wontfix
status-firefox57: --- → affected
status-firefox58: --- → affected
status-firefox-esr52: --- → affected
Ever confirmed: true
Keywords: csectype-spoof, sec-low
Comment 2•7 years ago
Isn't this a dupe of bug 1395854?
Comment 3•7 years ago
(In reply to :Gijs from comment #2)
> Isn't this a dupe of bug 1395854?

Hm, maybe I meant bug 1395508. They're certainly all related. :-\
Comment 4•6 years ago
I can't reproduce the original STR anymore due to remote changes, but I'm assuming bug 1395508 improved the situation here, since we try to keep the host visible.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE
Updated•5 years ago
Updated•1 year ago
Group: firefox-core-security