RESOLVED FIXED 185103
[GTK] Webkit should spoof as Safari on a Mac when on Chase.com 
https://bugs.webkit.org/show_bug.cgi?id=185103
Summary [GTK] Webkit should spoof as Safari on a Mac when on Chase.com
Ryan Farmer
Reported 2018-04-27 19:43:10 PDT
[GTK] Webkit should spoof as Safari on a Mac when on Chase.com When given the default user agent for GNOME Web, Chase gives the user an "upgrade your browser" nag screen, and then when logged in, it gives you a crappy fallback site for obsolete web browsers. Boo! I think we have more of a shot at finding Jimmy Hoffa than convincing one of the largest US banks to quit demanding that we use another web browser. Safari 11.1 on Mac OS X user agent results in normal online banking site and everything seems to work.
Attachments
Patch (3.40 KB, patch)
2018-04-29 14:54 PDT, Michael Catanzaro 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Michael Catanzaro
Comment 1 2018-04-28 14:58:58 PDT
OK
Michael Catanzaro
Comment 2 2018-04-29 14:41:56 PDT
I tested this and the quirk doesn't work. The problem also doesn't occur in MiniBrowser. Chase seems to be checking the final component of the user agent (Epiphany/605.1.15).
Michael Catanzaro
Comment 3 2018-04-29 14:50:40 PDT
(In reply to Michael Catanzaro from comment #2) > I tested this and the quirk doesn't work. Hm, maybe I forgot to build or something. It works fine.
Michael Catanzaro
Comment 4 2018-04-29 14:54:45 PDT
Created attachment 339099 [details] Patch
EWS Watchlist
Comment 5 2018-04-29 14:56:28 PDT
Attachment 339099 [details] did not pass style-queue: ERROR: Tools/ChangeLog:3: Please consider whether the use of security-sensitive phrasing could help someone exploit WebKit: spoof [changelog/unwantedsecurityterms] [3] ERROR: Source/WebCore/ChangeLog:3: Please consider whether the use of security-sensitive phrasing could help someone exploit WebKit: spoof [changelog/unwantedsecurityterms] [3] Total errors found: 2 in 4 files If any of these errors are false positives, please file a bug against check-webkit-style.
WebKit Commit Bot
Comment 6 2018-04-30 08:16:20 PDT
Comment on attachment 339099 [details] Patch Clearing flags on attachment: 339099 Committed r231156: <https://trac.webkit.org/changeset/231156>
WebKit Commit Bot
Comment 7 2018-04-30 08:16:21 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.