Protocol handler configuration

[Kris_88]

I recommend not using protocol handlers. There are potentially many security holes related to incorrect URLs and the corresponding command line. This mechanism is difficult to implement safely.

[Pelican]

I recommend not using protocol handlers.

For us it is the best solution and the hyperlinks are easy to implement. However to make it work we will create an EXE that the protocol handler in registry runs to launch PM while converting PaleMoonURL:// to https://

[Kris_88]

For us it is the best solution and the hyperlinks are easy to implement. However to make it work we will create an EXE that the protocol handler in registry runs to launch PM while converting PaleMoonURL:// to https://

it's not hard to make an EXE, but that's not the point...
An attacker can generate an incorrect URL in such a way that several commands appear on the command line. The line will not only launch the browser (or you exe, which will launch the browser), but also do something else that the attacker needs. You are essentially enabling web pages to execute commands on your operating system. And it is very difficult to foresee all variants of incorrect URLs.
Just wanted to warn...

[Kris_88]

https://www.google.com/search?q=custom+ ... nerability

[Pelican]

https://www.google.com/search?q=custom+ ... nerability

I don't think that this is relevant to our discussion about launching Pale Moon to load a specific URL.

[Kris_88]

I don't think that this is relevant to our discussion about launching Pale Moon to load a specific URL.

The problem does not depend on your thoughts about it....

[Pelican]

The problem does not depend on your thoughts about it....

How does the vulnerability mentioned in that link pose a problem for launching PM to open a https url?

[Kris_88]

How does the vulnerability mentioned in that link pose a problem for launching PM to open a https url?

I'm afraid that I will need a lot of time to explain. And you will not thank anyway.
I can say that on the Internet there are solutions to the problem that you are talking about, and even without the use of .bat and .exe. But they are not safe, although no one warns about this when he gives these solutions. In some cases I see which malformed URL should be used to execute an extraneous command in the system. I do not bring these solutions for your safety.
In general, there are many places where there may be a mistake - in the system, in the Pale Moon, in other browsers, in the adapter of the protocol. A mistake that leads to a security problem. I am not sure of the reliability of the whole chain, so I warn.

[Pelican]

A mistake that leads to a security problem.

Well I don't think there is a vulnerability in this case to worry about because:
0. the action will begin from a hyperlink on a web page
1. the protocol handler added to registry runs our launcher.exe specifically
2. the launcher exe will run PM specifically
3. the conversion of the url to replace with https will produce a web page link
4. if that web page is not found, no problem
5. as a web page it can do more harm that visiting any other web page
6. PM like other browsers prevents the running of malicious file types

However I am now thinking that our launcher.exe should be checking for samesite usage.

Thank you!

[Kris_88]

As for the Pale Moon, the additional parameters for substitutions in the mimeTypes.rdf would be a good solution.

Code: Select all

  <RDF:Description RDF:about="urn:handler:web:https://mail.google.com/mail/?extsrc=mailto&url=%s"
     NC:prettyName="Gmail"
     NC:uriTemplate="https://mail.google.com/mail/?extsrc=mailto&url=%s" />

The urn:handler:web сan be used. But now only %s is replaced with URL. It would be interesting to have other substitutions for URL parts. Then it would be possible, for example, to change the protocol.

probably, system\network\exthandler\nsWebHandlerApp.js

Moonchild, what do you think?

[Kris_88]

3. the conversion of the url to replace with https will produce a web page link

BTW, why exactly "https" ? What about http, ftp, and so on?
It would be better to use links like
palemoonurl:https://www.google.com/

[Pelican]

BTW, why exactly "https" ? What about http, ftp, and so on?

I am only interested in launching PM from other browsers and that will be for a web page, usually a login page.

https is the recommended protocol.