iOS Camera Features A QR Code Parser Bug
iOS has come a long way. From an old-school interface to postmodern, it featured numerous layout as well as internal changes. However, the platform has not always been free from bugs and issues. In addition to this, Apple usually starts working on fixing these bugs as soon as they are discovered. With the launch of iOS 11, there was a boatload of bugs crawling in the operating system, probably more than any other iOS release to date. However, while the company is making the platform more stable as we speak, new bugs are being found on the other end. Now, the iOS camera app features a QR code URL parser bug. So let's dive in to see some more details on the matter.
iOS Camera Contains A QR Code Parser Bug
iOS 11 camera app has the ability to not only automatically scan QR codes but interpret them as well. Previously, you needed third-party apps to perform the same purpose, so it's good that the functionality has arrived in the stock firmware. The bug involves scanning a QR code that contains a URL. Once you scan the QR code, you will receive a notification carrying the hostname where Safari will redirect you to.
When the hostname is added that compliments the URL, there doesn't seem to be an issue. However, a QR code can be constructed that contains a specific hostname in the notifications but opening another link in Safari. Check it out below:
As can be seen, Safari will access the "infosec.rm-it.de" URL with facebook.com set as the hostname. However, it redirects Safari to open another link. It can be said that the URL parser of the camera app does not detect the hostname in the link like Safari which leads to a different hostname being displayed in notifications. The issue was reported to Apple at the end of December of last year and it has still not been fixed. We will let you guys know if there is an update to the story.
This is all for now, folks. What are your thoughts on the iOS camera QR code URL parser bug? Let us know in the comments.
News Source: Infosec