Status: Untriaged Owner: jcam...@chromium.org CC: p...@chromium.org, i...@chromium.org Labels: Type-Bug Pri-2 OS-All Area-Misc
New issue 6442 by jcam...@chromium.org: Malware redirects should be blocked http://code.google.com/p/chromium/issues/detail?id=6442 Navigating to a URL flagged as malware/phishing which is a redirect triggers an interstitial but still follows the redirect. We should wait for the user to select proceed before we follow the redirect. An example of this is www.rxpharmacyonline.net/6/ which redirects to http://xxxmovies.dip.jp/6/, triggering a DCHECK in safe_browsing_resource_handler.cc (in OnUrlCheckResult() as we are trying to show an interstitial when an interstitial is already showing). How we could implement this: In order to do that we would probably need to change ResourceHandler::OnRequestRedirected() to return a state (PROCEED, BLOCK or PAUSE) instead of the current boolean. Then the ResourceDispatcherHost::OnReceivedRedirect() would pause the URLRequest as a result of the PAUSE state being returned. URLRequestJob::NotifyHeadersComplete() when processing the redirect would check for the paused status and would bail early without following the redirect. We would then need a way on the request to resume the request, which we would call from the SafeBrowsingResourceHandler when the user has notified us she wants to proceed. We would then follow the redirect. -- You received this message because you are listed in the owner or CC fields of this issue, or because you starred this issue. You may adjust your issue notification preferences at: http://code.google.com/hosting/settings --~--~---------~--~----~------------~-------~--~----~ Automated mail from issue updates at http://crbug.com/ Subscription options: http://groups.google.com/group/chromium-bugs -~----------~----~----~----~------~----~------~--~---
