Skip to content
This repository has been archived by the owner on Dec 11, 2019. It is now read-only.

disable non-chrome-extension origins from navigating to chrome-extension #14772

Closed
diracdeltas opened this issue Jul 17, 2018 · 3 comments · Fixed by brave/muon#635
Closed

disable non-chrome-extension origins from navigating to chrome-extension #14772

diracdeltas opened this issue Jul 17, 2018 · 3 comments · Fixed by brave/muon#635
Assignees
@diracdeltas
Labels
QA/checked-Linux QA/checked-macOS QA/checked-Win64 QA/test-plan-specified release-notes/include security
Milestone
0.23.x Hotfix (Re...

Comments

@diracdeltas
Copy link
Member

diracdeltas commented Jul 17, 2018
edited
Loading

independent of #14712 , we should generally not allow origins that are not chrome-extension to navigate to chrome-extension

note it's already blocked in some origins like http and https

TEST PLAN:

  1. save the following to a local file
<html>
    <head>
        <meta http-equiv="refresh" content="0;url=chrome-extension://mnojpmjdmbbfmejpflffifhffcmidifd/about-preferences.html" />
        <title>Page Moved</title>
    </head>
    <body>
        This page has moved. 
    </body>
</html>
  1. open it in brave
  2. it should navigate to about:blank instead of about:preferences
@diracdeltas diracdeltas self-assigned this Jul 17, 2018
diracdeltas added a commit that referenced this issue Jul 18, 2018
@diracdeltas
Prevent non-extension origins from navigating to chrome-extension://
c5ab0ea 
fix #14772
@diracdeltas diracdeltas mentioned this issue Jul 18, 2018
Closed
10 tasks
@bridiver bridiver added cr68 and removed cr68 labels Jul 19, 2018
diracdeltas added a commit to brave/muon that referenced this issue Jul 26, 2018
@diracdeltas
Update AtomBrowserClientExtensionsPart::ShouldAllowOpenURL from upstream
d530c1e 
From ChromeContentBrowserClientExtensionsPart::ShouldAllowOpenURL

Possibly fix brave/browser-laptop#14772
@diracdeltas diracdeltas mentioned this issue Jul 26, 2018
Merged
@diracdeltas
Copy link
Member Author

@bsclifton i think this is now in the hotfix since brave/muon#635 was merged into 8.0.6.
https://github.com/brave/muon/commits/v8.0.6

@diracdeltas
Copy link
Member Author

verified this behavior is fixed in 0.23.77

@srirambv
Copy link
Collaborator

srirambv commented Aug 3, 2018
edited by kjozwiak
Loading

Verified on Windows using

  • 0.23.77 0125b5f
  • Muon 8.0.6
    *libchromiumcontent 68.0.3440.84

Verified on macOS 10.13.6 x64 using the following build:

  • 0.23.77 0125b5f
  • muon: 8.0.6
  • libchromiumcontent: 68.0.3440.84

Reproduced the issue using 0.23.73 and ensured the issue was reproducible under 0.23.77. Opened the poc example in normal tabs, PB tabs, session tabs and several new windows.

Verified on Ubuntu 17.10 x64 using the following build:

  • 0.23.77 0125b5f
  • muon: 8.0.6
  • libchromiumcontent: 68.0.3440.84

@kjozwiak kjozwiak mentioned this issue Aug 3, 2018
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@diracdeltas diracdeltas

Labels
QA/checked-Linux QA/checked-macOS QA/checked-Win64 QA/test-plan-specified release-notes/include security
Projects
None yet
Milestone
0.23.x Hotfix (Release Channel)
4 participants
@bridiver @diracdeltas @kjozwiak @srirambv