Closed Bug 1563039 Opened 5 years ago Closed 5 years ago

Incorrect domain and tld highlighting (urlbar.formatting)

Categories

(Firefox for Android Graveyard :: General, defect)

Product:
Firefox for Android Graveyard
Component:
General
Version:
Firefox 67
Platform:
ARM
Android
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(firefox-esr60 wontfix, firefox-esr68 verified, firefox68 wontfix, firefox69 verified, firefox70 verified)

Status:
VERIFIED FIXED
Milestone:
Firefox 70
Tracking Flags:
Tracking Status
firefox-esr60 --- wontfix
firefox-esr68 --- verified
firefox68 --- wontfix
firefox69 --- verified
firefox70 --- verified

People

(Reporter: m8r-x3rq311, Assigned: JanH)

Details

(Whiteboard: [fennec68.1])

Attachments

(2 files)

android.png
13.82 KB, image/png
Details
Bug 1563039 - Fix erroneous base domain highlighting. r?VladBaicu
47 bytes, text/x-phabricator-request
RyanVM
: approval-mozilla-beta+
RyanVM
: approval-mozilla-esr68+
Details | Review
Attached image android.png

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0

Steps to reproduce:

Visit https://one.one.one.one/ on Android

Actual results:

The subdomains (The first 2 "one.one"'s) are highlighted as the domain and tld

Expected results:

The domain and tld (The last 2 "one.one"'s) should be highlighted

Does not need to be a security bug.

Group: mobile-core-security
Status: UNCONFIRMED → NEW
Ever confirmed: true

(In reply to Kevin Brosnan [:kbrosnan] from comment #1)

Does not need to be a security bug.

I (perhaps obviously) disagree as the intent of the feature is to prevent subdomain-style domain spoofing attacks - whereas this bug in the feature would actually highlight the domain being spoofed as the legitimate site(!)

This looks like a specific case of one site. Playing around with similar domains such as https://www.one.one or https://google.one.one are highlighted as expected.

Reproducible also on 69.0a1 and 68 Fennec. I will set the flags to reflect the affected versions.

Assignee: jh+bugzilla → nobody
status-firefox68: --- → affected
status-firefox69: --- → affected
OS: Unspecified → Android
Hardware: Unspecified → ARM

Tested with v41 (~2015) which was also affected. :sflorean did you mean to un-assign :JanH?

Sorry Jan, when I posted the comment I unassigned you. Thanks bugcon for the notice.

Assignee: nobody → jh+bugzilla

(In reply to Jan Henning [:JanH] from comment #4)

Whoops, I guess https://dxr.mozilla.org/mozilla-central/rev/fd2778a2ce8ba1284cba867f4358f9fcaf795568/mobile/android/base/java/org/mozilla/gecko/toolbar/ToolbarDisplayLayout.java#335 actually needs to use lastIndexOf().

Actually not quite as simple, because otherwise we could mistakenly get matches in the path part of the domain.

Domain highlighting needs to find the last instance of the base domain within
the domain part of the URL. Otherwise, there's a chance we mistakenly highlight
(parts of) a subdomain if it matches the base domain, too.

Pushed by mozilla@buttercookie.de:
https://hg.mozilla.org/integration/autoland/rev/67f71ec8a8a4
Fix erroneous base domain highlighting. r=VladBaicu

Comment on attachment 9076624 [details]
Bug 1563039 - Fix erroneous base domain highlighting. r?VladBaicu

ESR Uplift Approval Request

  • If this is not a sec:{high,crit} bug, please state case for ESR consideration: Bug fix for URL bar domain highlighting
  • User impact if declined: If the base domain (eTLD + 1) appears within the subdomain as well, we mistakenly highlight (and scroll to) that part of the subdomain instead of the proper base domain.
  • Fix Landed on Version: 70
  • Risk to taking this patch: Low
  • Why is the change risky/not risky? (and alternatives if risky): Only small change in the highlighting code required, so we correctly find the last appearance of the base domain inside the domain segment of the URL.
  • String or UUID changes made by this patch: none
Attachment #9076624 - Flags: approval-mozilla-esr68?

https://hg.mozilla.org/mozilla-central/rev/67f71ec8a8a4

Status: NEW → RESOLVED
Closed: 5 years ago
status-firefox70: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 70

Comment on attachment 9076624 [details]
Bug 1563039 - Fix erroneous base domain highlighting. r?VladBaicu

Fixes erroneous domain highlighting, approved for Fennec 68.1b2 (and Beta too just to cover bases).

Attachment #9076624 - Flags: approval-mozilla-esr68?
Attachment #9076624 - Flags: approval-mozilla-esr68+
Attachment #9076624 - Flags: approval-mozilla-beta+

Verified as fixed on Nightly 70.0a1 (2019-07-18), Beta 69.0b6 and Beta ESR 68.1b2.
Devices:

  • Motorola Moto G6 (Android 8);
  • Samsung Galaxy S8 (Android 9);
  • Google Pixel (Android Q).
Status: RESOLVED → VERIFIED
status-firefox69: fixedverified
status-firefox70: fixedverified
status-firefox-esr68: fixedverified
Whiteboard: [fennec68.1]
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: