Closed Bug 1895654 Opened 1 year ago Closed 1 year ago

Security: Incorrect URL Elision in Omnibox leading to Spoof [Windows][Regression]

Categories

(Firefox :: Address Bar, defect)

Product:
Firefox
Component:
Address Bar
Version:
Firefox 125
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1598175

People

(Reporter: jayateertha043, Unassigned)

Details

(Keywords: reporter-external)

Attachments

(1 file)

FF URL Omnibox Elision.png
145.40 KB, image/png
Details

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Steps to reproduce:

  1. Go to https://jayateerthag.in
  2. Open Dev Console
  3. Enter window.open("https://long-extended-subdomain-name-containing-many-letters-and-dashes.badssl.com/", "littleWindow", "location=center,width=400,height=500");

Actual results:

URL is not elided properly for small windows as shown in attached screenshot.

Expected results:

URL should be elided properly

Reference: https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/url_display_guidelines/url_display_guidelines.md#eliding-urls

Why did you mark this as a regression? When did it work differently?

(In reply to Jayateertha Guruprasad from comment #0)

Reference: https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/url_display_guidelines/url_display_guidelines.md#eliding-urls

That's a chromium doc and this is the Firefox issue tracker...

Flags: needinfo?(jayateertha043)
Component: Untriaged → Address Bar

I am not sure if this is a regression.
As the documentation itself mentions and this seems like a old vulnerability, Hence asked to check for a regression to confirm.

This might most probably be a duplicate, I am not sure team kindly check & let me know.

Flags: needinfo?(jayateertha043)

Chrome doc I have attached as issue reference only, to explain what the vulnerability is about.
Nothing about firefox, only for better issue understanding.

I think this is pretty much bug 1598175

@marco I believe yes this might be dupe of 761043 if original report also includes windows.
Issue is similar.

It's surprising both chrome & firefox is affected & has not fixed the issue as per the standard guideline even after many years. (I understand there might be some complications looking at the history)

Flags: sec-bounty?
Group: firefox-core-security
Status: UNCONFIRMED → RESOLVED
Closed: 1 year ago
Duplicate of bug: urlbar-truncate-desktop
Flags: sec-bounty? → sec-bounty-
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: