Closed
Bug 1272171
Opened 8 years ago
Closed 7 years ago
url spoof issue when using feed: protocol + POST method
Categories
(Core :: DOM: Security, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: dimi, Unassigned)
References
Details
(Keywords: sec-low, Whiteboard: [domsecurity-backlog])
Attachments
(1 file)
379 bytes,
text/html
|
Details |
This is clone of Bug #1148732 to track url spoof issue
Reporter | ||
Comment 1•8 years ago
|
||
Reporter | ||
Updated•8 years ago
|
See Also: → CVE-2015-4483
Comment 2•8 years ago
|
||
Marking this as sec-low, since it's a spinoff of Bug 1148732.
Keywords: sec-low
Whiteboard: [domsecurity-backlog]
Updated•8 years ago
|
Group: core-security → dom-core-security
Comment 3•7 years ago
|
||
This is fixed in 51 (maybe 50?) since pages can no longer load feed: urls directly. Still an issue for ESR-45 but the big anti-phishing warning doesn't make it a very good spoof.
Group: dom-core-security
Status: NEW → RESOLVED
Closed: 7 years ago
status-firefox51:
--- → fixed
status-firefox-esr45:
--- → affected
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•