Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Force the referrer to always be 'no-referrer' while in speedreader mode. #21481

Merged
merged 1 commit into from
Jan 4, 2024

Conversation

boocmp
Copy link
Contributor

@boocmp boocmp commented Jan 3, 2024

Resolves brave/brave-browser#35095

Submitter Checklist:

  • I confirm that no security/privacy review is needed and no other type of reviews are needed, or that I have requested them
  • There is a ticket for my issue
  • Used Github auto-closing keywords in the PR description above
  • Wrote a good PR/commit description
  • Squashed any review feedback or "fixup" commits before merge, so that history is a record of what happened in the repo, not your PR
  • Added appropriate labels (QA/Yes or QA/No; release-notes/include or release-notes/exclude; OS/...) to the associated issue
  • Checked the PR locally:
    • npm run test -- brave_browser_tests, npm run test -- brave_unit_tests wiki
    • npm run lint, npm run presubmit wiki, npm run gn_check, npm run tslint
  • Ran git rebase master (if needed)

Reviewer Checklist:

  • A security review is not needed, or a link to one is included in the PR description
  • New files have MPL-2.0 license header
  • Adequate test coverage exists to prevent regressions
  • Major classes, functions and non-trivial code blocks are well-commented
  • Changes in component dependencies are properly reflected in gn
  • Code follows the style guide
  • Test plan is specified in PR before merging

After-merge Checklist:

Test Plan:

  1. Visit https://secret-subdomain.csrf.jp/2024/brave-speedreader-meta-referrer-bypass.php
  2. Push memo icon in the address bar and open the page with Speedreader
  3. Click the link "Referrer Check"
  4. Check that the secret domain name (secret-subdomain.csrf.jp) isn't sent to the evil website through REFERER header

@boocmp boocmp self-assigned this Jan 3, 2024
@boocmp boocmp requested a review from iefremov as a code owner January 3, 2024 09:24
@kjozwiak
Copy link
Member

kjozwiak commented Jan 5, 2024

Verification PASSED on Win 11 x64 using the following build(s):

Brave | 1.63.97 Chromium: 120.0.6099.199 (Official Build) nightly (64-bit)
-- | --
Revision | 3422bfceaa2c9ed3cdc478c9e7009893c7078a3b
OS | Windows 11 Version 22H2 (Build 22621.2861)

Reproduced the original on 1.63.92 Chromium: 120.0.6099.144 using the STR/Cases outlined via #21481 (comment). Once reproduced, used the same STR/Cases and ensured that the issue has been fixed via 1.63.97 Chromium: 120.0.6099.199 as per the following:

Example Example
referralReproduced referralFixed

kjozwiak pushed a commit that referenced this pull request Jan 7, 2024
…de. (uplift to 1.62.x) (#21497)

Uplift of #21481 (squashed) to beta
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: Done
Development

Successfully merging this pull request may close these issues.

[hackerone] Force the referrer to always be 'no-referrer' while in Speedreader
3 participants