Closed Bug 1858558 Opened 1 year ago Closed 1 year ago

Forcing access to arbitrary url by using non HTTPS basic auth url scheme

Categories

(Firefox :: Untriaged, defect)

Firefox 118
defect

RESOLVED DUPLICATE of bug 1858565

People

(Reporter: rachmat.abdul.ro, Unassigned)

Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/118.0

Steps to reproduce:

  1. Open Firefox in private browsing mode
  2. Access https://mozilla.org
  3. On the same tab, change the URL to https://www.mozilla.org@evil.com and press enter
  4. You will see a confirmation pop-up to continue access to "evil.com"; select "No", and you WILL NOT be redirected to "evil.com"
  5. Repeat step number 3, but change the URL that previously used HTTPS to HTTP so that the URL looks like this: http://www.mozilla.org@evil.com
  6. When the confirmation pop-up appears, keep selecting "No". You will be redirected to evil.com

Actual results:

The page will be redirected to "evil.com" even if the user has selected the "No" option on the pop-up confirmation dialog.

Expected results:

The page SHOULD NOT be redirected when the user selects the "No" option during confirmation.
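
Why both URLs in the steps above lead to evil.com, as an added example (not part of the original report and not Firefox code): everything before "@" is parsed as a username, so a link filter or log pipeline can flag userinfo that imitates a hostname. `inspectUrl`, `stripUserinfo` and `safeDecode` are hypothetical names; the code assumes the WHATWG `URL` class available in Node.js and browsers.

```javascript
// Added example: flag URLs whose userinfo part imitates a hostname.
// The sample URLs used with it are the ones quoted in the report.

// Loose check: does a string look like a DNS name (label.label.tld)?
const HOSTNAME_LIKE =
  /^(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$/i;

// Userinfo is percent-encoded by the URL parser; decode it for inspection.
function safeDecode(s) {
  try { return decodeURIComponent(s); } catch { return s; }
}

function inspectUrl(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return { raw, valid: false };
  }
  const username = safeDecode(url.username);
  const hasUserinfo = url.username !== "" || url.password !== "";
  return {
    raw,
    valid: true,
    scheme: url.protocol.replace(/:$/, ""),
    host: url.hostname,            // where the request is actually sent
    username,                      // text before "@", read first by the user
    hasUserinfo,
    // Userinfo shaped like a domain name is a common deception pattern.
    deceptiveUserinfo: hasUserinfo && HOSTNAME_LIKE.test(username),
    cleartext: url.protocol === "http:",
  };
}

// Return the URL with credentials removed, for display or logging.
function stripUserinfo(raw) {
  const url = new URL(raw);
  url.username = "";
  url.password = "";
  return url.href;
}
```
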

Group: firefox-core-security
Summary: Forcing access to arbitrary url by using non HTTPS basic auth url scheme → ----
Status: UNCONFIRMED → RESOLVED
Closed: 1 year ago
Duplicate of bug: 1858565
Resolution: --- → DUPLICATE

Restoring original duplicate title so it makes some sense in a bug list without having to open it to see what's going on, and doesn't look like an invalid bug.

Group: firefox-core-security
Summary: ---- → Forcing access to arbitrary url by using non HTTPS basic auth url scheme