Skip to content
This repository has been archived by the owner on Dec 11, 2019. It is now read-only.

bypass data: phishing warning by opening a URL in a new tab #10754

Closed
diracdeltas opened this issue Aug 31, 2017 · 0 comments · Fixed by #10760
Closed

bypass data: phishing warning by opening a URL in a new tab #10754

diracdeltas opened this issue Aug 31, 2017 · 0 comments · Fixed by #10760
Assignees
@diracdeltas
Labels
QA/checked-Linux QA/checked-macOS QA/checked-Win64 QA/test-plan-specified release-notes/include sec-low security
Milestone
0.20.x (Release C...

Comments

@diracdeltas
Copy link
Member

diracdeltas commented Aug 31, 2017
edited by cezaraugusto
Loading

Test plan

#10760 (comment)

STR:
save <a href='data:,Hello%2C%20World!'>click me</a> to an HTML file
open it and right-click the anchor element to open in new tab

you should see a data phishing URL warning, but instead you see 'this site is secure' for the current tab.
@diracdeltas diracdeltas added this to the 0.21.x (Nightly Channel) milestone Aug 31, 2017
@diracdeltas diracdeltas self-assigned this Aug 31, 2017
diracdeltas added a commit that referenced this issue Sep 1, 2017
@diracdeltas
fix data URL phishing warning appear on the wrong tab
04376e5 
fix #10754

test plan
1. go to https://jsfiddle.net/y3uw6q1w/
2. right click the link and open in new tab
3. no siteInfo popup should appear
4. switch to the new tab
5. siteInfo popup should appear
6. switch to tab 1 and back to tab 2. the siteInfo popup should not appear.
@diracdeltas diracdeltas mentioned this issue Sep 1, 2017
Merged
8 tasks
@ghost ghost added the sprint/1 label Sep 13, 2017
@bbondy bbondy modified the milestones: 0.21.x (Developer Channel), 0.20.x (Beta Channel) Oct 25, 2017
This was referenced Dec 20, 2017
Closed
Closed
@kjozwiak kjozwiak mentioned this issue Jan 31, 2018
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@diracdeltas diracdeltas

Labels
QA/checked-Linux QA/checked-macOS QA/checked-Win64 QA/test-plan-specified release-notes/include sec-low security
Projects
None yet
Milestone
0.20.x (Release Channel)
Development

Successfully merging a pull request may close this issue.

fix data URL phishing warning appear on the wrong tab brave/browser-laptop
6 participants
@diracdeltas @bbondy @luixxiul @bsclifton @srirambv @LaurenWags