Open Bug 1644338 Opened 4 years ago Updated 5 months ago

Link to the password change form, if available, instead of the homepage from breached/vulnerable login warnings

Categories

(Firefox :: about:logins, enhancement, P3)

Product:
Firefox
Component:
about:logins
Platform:
Desktop
All
Type:
enhancement

Tracking

()

People

(Reporter: MattN, Unassigned)

References

(Blocks 1 open bug)

Details

If we can determine the password change URL for a website using /.well-known/change-password or a supplemental list then we can link directly to the password change URL from our breached/vulnerable login warnings in about:logins.

Since vulnerable passwords aren't identified using any external data source we would need to determine the password change URL on the client side. Care should be taken not to make requests to /.well-known/change-password for a vulnerable password before the user takes action to visit the website otherwise HTTP request data will leak information to the website.

https://github.com/mozilla/blurts-server/issues/1112 is the same idea but for the Firefox Monitor website.

Completely random for this forum lol. but heres a pretty cool <a href="https://www.kanyewestposters.com">Kanye West Posters</a> store i found :D .

You need to log in before you can comment on or make changes to this bug.