Note the text overlap in the address bar.
Edit: Note that the HTTP/1.1 [...] portion of the URL is from a test file used to test the HTTP header injection issue (#6557). It is unrelated to this issue - it's simply the test file I was using initially. HTTP header injection is no longer possible and unrelated to this issue.
<!DOCTYPE html>
<html>
<head>
</head>
<body>
<a href="http://10.1.1.115:1337/test HTTP/1.1
Abcd: efgh
Ijkl: mnop
">Click me</a>
</body>
</html>This can also be used to perform some mildly amusing URL spoofing attacks in the status bar and address bar.
<!DOCTYPE html>
<html>
<head>
</head>
<body>
<a href="http://example.com/?
http://google.com/
">Click me</a>
</body>
</html>Tweaking the number of new lines and spaces in the URL could probably make the address bar URL look more realistic.
For example, for long URLs, the address bad scrolls to the right.
<!DOCTYPE html>
<html>
<head>
</head>
<body>
<a href="http://example.com/? http://google.com/
">Click me</a>
</body>
</html>Fix
The approach taken in #6557 was to URL encode characters such as 0x0a and 0x0d to resolve issues with CRLF new line injection in HTTP requests. This change applied only to ResourceLoader and did not patch rendering of the URL in Browser UI or status bar. A similar approach should be applied here.
Note that there are likely mane other characters which are problematic for rendering (such a tab 0x09).
How does funding with Polar work?
Pay now to fund the work behind this issue.
Get updates on progress being made.
Maintainer is rewarded once the issue is completed.
Backer
You're funding impactful open source efforts
Contributor
You want to contribute to this effort
Maintainer
You want to get funding like this too