Application Protocols represent a compelling attack vector because they’re the most reliable and cross-browser compatible way to escape a browser’s sandbox, and they work in many contexts (Office apps, some PDFs handlers, some chat/messaging clients, etc). Some protocol handlers are broadly used, while others are only used for particular workflows which may not be relevantContinue reading “Defense Techniques: Blocking Protocol Handlers”
Tag Archives: Protocol
Edge URL Schemes
The microsoft-edge: Application Protocol Microsoft Edge implements an Application Protocol with the scheme microsoft-edge: that is designed to launch Microsoft Edge and pass along a web-schemed URL and/or additional arguments. A basic invocation might be as simple as: microsoft-edge:http://example.com/ However, as is often the case with things I choose to write about, there’s a bitContinue reading “Edge URL Schemes”
Adding Protocol Schemes to Chromium
Previously, I’ve written a lot about Application Protocols, which are a simple and popular common mechanism for browsers to send a short string of data out to an external application for handling. For instance, mailto is a common example of a scheme treated as an Application Protocol; if you invoke mailto:someone@somewhere.com, the browser will convertContinue reading “Adding Protocol Schemes to Chromium”
Bypassing AppProtocol Prompts
Starting in Microsoft Edge 77 (and Chrome 77), the prompt shown when launching an AppProtocol from the browser was changed to remove the “Always allow” checkbox. That change was made, in large part, because this prompt is the only thing standing between every arbitrary site on the Internet (loaded inside your browser’s sandbox) and aContinue reading “Bypassing AppProtocol Prompts”
AppOrWeb-to-WebApp Communication: Custom Scheme Handlers
I’ve previously written about Web-to-App communication via Application Protocols. App Protocols allow web content to invoke a native application outside of the browser. WebApp advocates (like me!) want to continue to close the native/browser gaps that prevent web applications from becoming full-fledged replacements for native apps. To that end, I’ve recently spent some time lookingContinue reading “AppOrWeb-to-WebApp Communication: Custom Scheme Handlers”
text/plain 