0.0.0.0 Day - 18 Yr Old Vulnerability Let Attackers Bypass All Browser Security - eviltoast
  • TehPers@beehaw.org
    3 months ago

    While I agree, it makes connecting to localhost as easy as http://0:8080/ (for port 8080, but omit for port 80).

    I worry that changing this will cause more CVEs like the octal IP addresses incident.

    Edit: looks like it’s only being blocked for outgoing requests from websites, which seems like it’ll have a much more reasonable impact.

    Edit 2: skimming through these PRs, at least for WebKit, I don’t see tests for shorthand IPs like 0 (and no Apple device to test with). What are the chances they missed those…?

    • dan@upvote.au
      3 months ago

      > it makes connecting to localhost as easy as http://0:8080/ (for port 8080, but omit for port 80).

      The thing is that it’s not supposed to work, so it’s essentially relying on undefined behaviour. Typing [::1]:8080 is nearly as easy.

      > skimming through these PRs, at least for WebKit, I don’t see tests for shorthand IPs like 0 (and no Apple device to test with). What are the chances they missed those…?

      I haven’t seen the PRs, but IP comparison should really be using the binary form of the IPv4 address (a 32-bit number), not the human-friendly form.
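
Added example (not part of the thread, and not code from WebKit or any browser): a sketch of the comparison described in the last comment, where a host string is normalised to a 32-bit number before it is checked against blocked ranges, so that shorthand, hex and octal spellings all hit the same rule. The function names and the blocked ranges (0.0.0.0/8 and 127.0.0.0/8) are assumptions chosen for illustration.

```javascript
// Added example: normalise an IPv4 host string to a 32-bit number before
// comparing it against blocked ranges. Accepts the legacy shorthand forms
// (1-4 parts, decimal / 0x hex / leading-0 octal), as inet_aton-style parsers do.
function parsePart(s) {
  if (s === "") return null;
  let radix = 10;
  if (/^0x/i.test(s)) { radix = 16; s = s.slice(2); }
  else if (s.length > 1 && s[0] === "0") { radix = 8; s = s.slice(1); }
  if (s === "") return 0; // "0x" alone parses as 0
  const ok = { 8: /^[0-7]+$/, 10: /^[0-9]+$/, 16: /^[0-9a-f]+$/i }[radix];
  return ok.test(s) ? parseInt(s, radix) : null;
}

function ipv4ToUint32(host) {
  const parts = host.split(".");
  if (parts.length > 1 && parts[parts.length - 1] === "") parts.pop(); // trailing dot
  if (parts.length < 1 || parts.length > 4) return null;
  const nums = parts.map(parsePart);
  if (nums.includes(null)) return null;
  const last = nums.pop();
  // Every leading part is one octet; the last part fills the remaining bytes.
  if (nums.some((n) => n > 255)) return null;
  if (last >= 256 ** (4 - nums.length)) return null;
  let value = last;
  nums.forEach((n, i) => { value += n * 256 ** (3 - i); });
  return value;
}

// Assumed blocked ranges as [network, prefix length]: 0.0.0.0/8 and 127.0.0.0/8.
const BLOCKED = [[0x00000000, 8], [0x7f000000, 8]];

function isBlockedHost(host) {
  const ip = ipv4ToUint32(host);
  if (ip === null) return false; // not an IPv4 literal; names are handled elsewhere
  return BLOCKED.some(([net, bits]) => {
    const size = 2 ** (32 - bits);
    return Math.floor(ip / size) === Math.floor(net / size);
  });
}

// Constructed sample inputs: different spellings, compared only in numeric form.
for (const h of ["0", "0.0.0.0", "0x0", "127.1", "2130706433", "0177.0.0.1", "192.0.2.1"]) {
  console.log(h.padEnd(12), ipv4ToUint32(h), isBlockedHost(h));
}
```

A string comparison against "0.0.0.0" would match only the second sample; the numeric comparison treats the first six the same way.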