User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0 Build ID: 20150620063927 Steps to reproduce: Went to some website and downloaded some potentially shade .exe (or .msi, .dmg, .rpm, .deb) file over HTTP or FTP. Actual results: It just let me download it without warning. Expected results: Firefox should have warned me or displayed a notice that I was downloading a executable binary over a non-secure source (HTTP instead of HTTPS). Else the user could get infected by malware using a fake DNS attack, such as when on an open Wi-Fi network.
Also display a notice in the Firefox Developer Console so that the developer is informed and aware that the visitors of his website can get infected by malware when they download software from his website and that he should use HTTPS/FTPS instead of HTTP/FTP.
Severity: normal → major
QA Whiteboard: [bugday-20150727]
Component: Untriaged → Downloads Panel
OS: Unspecified → All
Forward duping given the same reporter and the fact that the other bug is being tracked better.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 8 months ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1303739
You need to log in before you can comment on or make changes to this bug.