Closed Bug 1676804 Opened 4 years ago Closed 3 years ago

Path canonicalization incorrectly applied to the query parameters

Categories

(Toolkit :: Safe Browsing, defect, P2)

Tracking

RESOLVED FIXED
85 Branch
Tracking Status
firefox85 --- fixed

People

(Reporter: hectorz, Assigned: dlee)

Attachments

(3 files)

I'm trying to determine why some URLs included in our safe browsing list are not blocked in Fx, and I think there's a client-side bug in Fx.

Instead of Canonicalize("http://host.com//twoslashes?more//slashes") = "http://host.com/twoslashes?more//slashes"; as documented by Google, in Fx's browser console:

» let urlUtils = Cc["@mozilla.org/url-classifier/utils;1"].getService(Ci.nsIUrlClassifierUtils);
← <XPCWrappedNative_NoHelper ...>
» urlUtils.getKeyForURI(Services.io.newURI('http://host.com//twoslashes?more//slashes'));
← "host.com/twoslashes?more/slashes"

Note the more//slashes => more/slashes change.
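
The split this report turns on, as an added example that is not part of the original bug or of Firefox's code: the path rules (dot-segment resolution, slash collapsing) run on the path only and the query is appended untouched, shown next to a model that reproduces the reported output. Function names are hypothetical, and host normalization and percent-escaping are left out.

```javascript
// Added example (hypothetical helper names); a simplified model, not
// Firefox's nsUrlClassifierUtils code. Host normalization and
// percent-escaping are out of scope.

// Path rules only: resolve "/./" and "/../", collapse runs of "/".
function canonicalizePath(path) {
  const out = [];
  for (const seg of path.split("/")) {
    if (seg === "" || seg === ".") continue;    // empty segment = extra slash
    if (seg === "..") { out.pop(); continue; }  // drop preceding component
    out.push(seg);
  }
  const trailing = out.length > 0 && /\/\.{0,2}$/.test(path) ? "/" : "";
  return "/" + out.join("/") + trailing;
}

// Split a spec into host, path and query ("?" included); scheme and
// fragment are dropped.
function splitSpec(spec) {
  let rest = spec.replace(/^[a-z][a-z0-9+.-]*:\/\//i, "");
  const hash = rest.indexOf("#");
  if (hash !== -1) rest = rest.slice(0, hash);
  const q = rest.indexOf("?");
  const query = q === -1 ? "" : rest.slice(q);
  const hostPath = q === -1 ? rest : rest.slice(0, q);
  const slash = hostPath.indexOf("/");
  return {
    host: (slash === -1 ? hostPath : hostPath.slice(0, slash)).toLowerCase(),
    path: slash === -1 ? "/" : hostPath.slice(slash),
    query,
  };
}

// Reproduces the output in the report: path rules run over path + query.
function keyWithQueryRewritten(spec) {
  const { host, path, query } = splitSpec(spec);
  return host + canonicalizePath(path + query);
}

// Documented behaviour: the query is appended untouched.
function keyWithQueryPreserved(spec) {
  const { host, path, query } = splitSpec(spec);
  return host + canonicalizePath(path) + query;
}

// Regression check: true when keyFn leaves the query exactly as given.
function preservesQuery(spec, keyFn) {
  const { query } = splitSpec(spec);
  return query === "" || keyFn(spec).endsWith(query);
}
```

With a query that contains `/../`, the model that rewrites the query also discards the last path component, so the resulting key no longer corresponds to the listed URL at all.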

The severity field is not set for this bug.
:dimi, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(dlee)

(In reply to Hector Zhao [:hectorz] from comment #0)

> I'm trying to determine why some URLs included in our safe browsing list are not blocked in Fx, and I think there's a client-side bug in Fx.

Thank you for reporting this!

Assignee: nobody → dlee
Severity: -- → S3
Status: NEW → ASSIGNED
Flags: needinfo?(dlee)
Priority: -- → P2
Attachment #9191595 - Attachment description: Bug 1676804 - P1. Safe Browsing canonicalization should not include query string → Bug 1676804 - P1. Safe Browsing canonicalization should not include query string r=gcp
Attachment #9191932 - Attachment description: Bug 1676804 - P2. Safe Browsing canonicalization should escape # → Bug 1676804 - P2. Safe Browsing canonicalization should escape # r=gcp
Attachment #9191933 - Attachment description: Bug 1676804 - P3. Add testcase → Bug 1676804 - P3. Add testcase r=gcp
Pushed by dlee@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/2e19e69edfcb
P1. Safe Browsing canonicalization should not include query string r=gcp
https://hg.mozilla.org/integration/autoland/rev/bf90a5835a15
P2. Safe Browsing canonicalization should escape # r=gcp
https://hg.mozilla.org/integration/autoland/rev/c50c5c214c49
P3. Add testcase r=gcp
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → 85 Branch
Regressions: 1825179