Closed Bug 903898 Opened 12 years ago Closed 12 years ago

Possible location bar spoofing when you paste a link and go to it

Categories

(Core :: General, defect)

22 Branch
x86_64
Windows 7
defect
Not set
normal

RESOLVED DUPLICATE of bug 893312

People

(Reporter: jordi.chancel, Unassigned)

Details

(Whiteboard: [dupeme?])

Attachments

(2 files)

Attached file testcase.html
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0 (Beta/Release)
Build ID: 20130729175331

Steps to reproduce: when you copy a link and paste and go to it in the location bar, the last content of the link is totally visible (see screenshot).

Actual results: location bar is spoofed.

Expected results: last content of the link is totally visible.
Attachment #788739 - Attachment mime type: text/plain → text/html
Attached file Windows Exemple
I'm confused, you have a link that has google.com in it (from the html you supplied), you copy the link via "copy link location" and then paste that into the url bar, which copies the url from the supplied link. So it pasted exactly what it copied. I'm confused on where the actual vulnerability is here or how this constitutes spoofing?
Flags: needinfo?(jordi.chancel)
This is probably a dupe of bugs that were filed when the design choice was made to show the end of the URL, not the front of it. The tab info shows the site info and is expected to steer users away from rogue sites. Also, you couldn't use this kind of attack when clicking on a link, since hovering over a link would reveal the unintended location information. Jordi, can you think of a way that you might be able to trick a user into clicking or copying a link from a remote site and not a link hosted on your local computer like the example you show?
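To make the point in this comment concrete, here is an added example (not part of the bug report or Firefox's code) that models an end-anchored location bar of a fixed width and checks whether the visible tail contains a host-like token that is not the URL's real host. The display width and the sample URLs are constructed for the demonstration.

```javascript
// Models the end-anchored location bar display described in comment 3:
// when the URL is longer than the bar, only its last `width` characters show.
function visibleTail(url, width) {
  return url.length <= width ? url : url.slice(url.length - width);
}

// The host the browser actually connects to, taken from the URL parser
// rather than from whatever text happens to be on screen.
function realHost(url) {
  return new URL(url).hostname.toLowerCase();
}

// Rough matcher for hostname-looking tokens (label.label.tld) in display text.
const HOST_LIKE = /\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b/gi;

// Report whether the visible tail could read as a different site than the
// real host: every host-like token shown must be the real host or one of
// its subdomains, otherwise the display is flagged as suspicious.
function tailLooksLikeOtherSite(url, width) {
  const host = realHost(url);
  const tail = visibleTail(url, width);
  const shown = [...tail.matchAll(HOST_LIKE)].map((m) => m[0].toLowerCase());
  const misleading = shown.filter((h) => h !== host && !h.endsWith('.' + host));
  return { host, tail, misleading, suspicious: misleading.length > 0 };
}

// Constructed sample: a long path on one site whose last segment is named
// after another site, so a 40-character end-anchored bar shows only that name.
const SPOOF_URL = 'http://attacker.example/' + 'a'.repeat(60) + '/www.google.com/';
const PLAIN_URL = 'http://www.google.com/search?q=firefox';
const BAR_WIDTH = 40;

console.log(tailLooksLikeOtherSite(SPOOF_URL, BAR_WIDTH)); // suspicious: true
console.log(tailLooksLikeOtherSite(PLAIN_URL, BAR_WIDTH)); // suspicious: false
```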
Yes, execute the testcase in http and it works too! :)
Flags: needinfo?(jordi.chancel)
Based on Comment 3, setting dupeme? in the whiteboard, so we can search to see whether it is or is not a dupe.
Whiteboard: [dupeme?]
Group: core-security
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
Keywords: csec-spoof, sec-low
Please do not sec rate your own bugs
Keywords: csec-spoof, sec-low