Closed Bug 1437349 Opened 6 years ago Closed 6 years ago

Detect if user install certain software with external protocol

Categories

(Core :: DOM: Security, defect)

defect
Not set
normal

RESOLVED DUPLICATE of bug 680300

People

(Reporter: xiaoyin.l, Unassigned)

References

(Blocks 2 open bugs)

Details

(Keywords: csectype-disclosure, privacy, Whiteboard: [fingerprinting])

Attachments

(2 files)

Attached file PoC
If a web page navigates to a URL with an external protocol using JavaScript (document.location.href = "<scheme>";), Firefox throws an exception if the specified scheme is unknown. Web pages can detect whether the scheme is registered by catching the exception. There are many schemes that are known to be associated with specific programs.

For instance, the "steam:" protocol is associated with the Steam game client. If document.location.href = "steam:" throws an exception, then the user doesn't have the Steam client installed; if it doesn't throw an exception, the user has Steam installed. This is a privacy issue, because users don't expect that websites can detect this info.

That being said, if a protocol is known to the system, trying to navigate to it opens a popup. So users will know and get confused if attackers exploit this issue. But by the time they see the popups, the detection has already completed.

Edge and Chrome don't throw exceptions when external protocols are unknown.

Steps to reproduce:
Open the PoC in Firefox: https://xiaoyinl.github.io/rrk492vg2/external_protocol/parent.html
Attached file parent.html - PoC
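Added example, not part of the original report or its attachments and not Firefox code: a small Node.js model of the exception oracle described above, with the throwing policy beside the non-throwing behaviour the report attributes to Edge and Chrome, plus a regression-style check for the leak. All function names, the registry sets and the scheme list are assumptions made for illustration.

```javascript
// Hypothetical model: a Set of scheme names stands in for the protocol
// handlers registered on the user's machine (constructed sample data).

function schemeOf(url) {
  const m = /^([a-z][a-z0-9+.-]*):/i.exec(url);
  if (!m) throw new TypeError("not an absolute URL: " + url);
  return m[1].toLowerCase();
}

// Policy as reported: an unknown external scheme raises an exception that the
// calling page can catch, while a known one proceeds to the handler popup.
function navigateThrowing(url, registry) {
  if (!registry.has(schemeOf(url))) throw new Error("unknown protocol");
  return undefined; // popup happens outside script; nothing is returned
}

// Uniform policy: page script sees the same result whether or not a handler
// exists; the lookup result is only acted on outside the page's view.
function navigateUniform(url, registry) {
  const known = registry.has(schemeOf(url));
  void known; // would drive the popup or a silent no-op, never an exception
  return undefined;
}

// Everything page script can observe from one navigation attempt.
function observe(navigate, url, registry) {
  try {
    navigate(url, registry);
    return "no-exception";
  } catch (e) {
    return "exception";
  }
}

// Regression check: a policy leaks install state if, for any scheme, the
// observable outcome differs between a machine with the handler and one
// without it.
function leaksInstallState(navigate, schemes) {
  return schemes.some((s) => {
    const withHandler = observe(navigate, s + ":", new Set([s]));
    const withoutHandler = observe(navigate, s + ":", new Set());
    return withHandler !== withoutHandler;
  });
}
```

The same two-registry comparison can be reused as a browser test assertion: a fix is complete only when every script-visible outcome is identical for registered and unregistered schemes.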
Arthur: another one for the fingerprinting list
Group: core-security
Flags: needinfo?(arthuredelstein)
Whiteboard: [fingerprinting]
Oh awesome - this looks like the correct PoC of bug 680300 that I was struggling to write.
See Also: → 680300
Thanks, Dan!
Flags: needinfo?(arthuredelstein)
In that case I am marking this bug as a duplicate.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE