Closed
Bug 1334808
Opened 7 years ago
Closed 7 years ago
Detection of local files at https://testpilot.firefox.com
Categories
(Websites :: Other, defect)
Websites
Other
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: saurabh.banawar, Unassigned)
References
()
Details
(Whiteboard: [reporter-external] [web-bounty-form] [verif?])
1. Go to: https://testpilot.firefox.com 2. Attach a local proxy to the browser. 3. Click on Install the Test Pilot Add on 4. The HTTP Request goes to: https://testpilot.firefox.com/static/addon/addon.xpi 5. Intercept the response to this request. 6. Observe that server side module and file names are disclosed in the body of the response.
Flags: sec-bounty?
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
Comment 2•7 years ago
|
||
> 6. Observe that server side module and file names are disclosed in the body of the response.
I'm not seeing anything being disclosed. Please be more specific.
At any rate, this isn't a security issue.
Group: websites-security
Flags: sec-bounty? → sec-bounty-
Resolution: DUPLICATE → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•