Closed Bug 1595539 Opened 6 years ago Closed 6 years ago

Weird URL parsing of pasted URL redirects to invalid TLD

Categories

(Core :: Networking: HTTP, defect)

Product:
Core
Component:
Networking: HTTP
Version:
70 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: 13hurdw, Unassigned)

References

(
URL
)

Details

User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0

Steps to reproduce:

Paste URL http://www.ops-ecat.schneider-electric.com/ecatalogue/browse.do?cat_id=BU_POW_2554_L3_Z002&conf=seo&el_typ=product&nod_id=4serial.com0003&prd_id=NSYCVF570M115MF&scp_id=Z002

Does not appear to have any hidden, zero-width characters - https://gchq.github.io/CyberChef/#recipe=To_Hex('Space')&input=aHR0cDovL3d3dy5vcHMtZWNhdC5zY2huZWlkZXItZWxlY3RyaWMuY29tL2VjYXRhbG9ndWUvYnJvd3NlLmRvP2NhdF9pZD1CVV9QT1dfMjU1NF9MM19aMDAyJmNvbmY9c2VvJmVsX3R5cD1wcm9kdWN0Jm5vZF9pZD00c2VyaWFsLmNvbTAwMDMmcHJkX2lkPU5TWUNWRjU3ME0xMTVNRiZzY3BfaWQ9WjAwMg

Actual results:

URL changed to https://www.ops-ecat.schneider-electric.comecat/browse.do?range_id=2554&conf=seo&el_typ=product&nod_id=4serial.com0003&prd_id=NSYCVF570M115MF&scp_id=ES_es
which doesn't resolve obviously because .comecat is not valid

Expected results:

Browser loads the URL http://www.ops-ecat.schneider-electric.com/ecatalogue/browse.do?cat_id=BU_POW_2554_L3_Z002&conf=seo&el_typ=product&nod_id=4serial.com0003&prd_id=NSYCVF570M115MF&scp_id=Z002, as displayed

That's the server response, so that's what the browser tries to load. Same result in Vivaldi.

GET http://www.ops-ecat.schneider-electric.com/ecatalogue/browse.do?cat_id=BU_POW_2554_L3_Z002&conf=seo&el_typ=product&nod_id=4serial.com0003&prd_id=NSYCVF570M115MF&scp_id=Z002

301 Location: https://www.ops-ecat.schneider-electric.comecat/browse.do?range_id=2554&conf=seo&el_typ=product&nod_id=4serial.com0003&prd_id=NSYCVF570M115MF&scp_id=ES_es
URL: http://www.ops-ecat.schneider-electri...
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Component: Untriaged → Networking: HTTP
Product: Firefox → Core
Resolution: --- → INVALID

(In reply to Gingerbread Man from comment #1)

That's the server response, so that's what the browser tries to load. Same result in Vivaldi.

GET http://www.ops-ecat.schneider-electric.com/ecatalogue/browse.do?cat_id=BU_POW_2554_L3_Z002&conf=seo&el_typ=product&nod_id=4serial.com0003&prd_id=NSYCVF570M115MF&scp_id=Z002

301 Location: https://www.ops-ecat.schneider-electric.comecat/browse.do?range_id=2554&conf=seo&el_typ=product&nod_id=4serial.com0003&prd_id=NSYCVF570M115MF&scp_id=ES_es

doh, thanks

You need to log in before you can comment on or make changes to this bug.