Closed
Bug 264850
Opened 20 years ago
Closed 11 years ago
Warn about fake links (where anchor text looks like a URL but the href goes elsewhere)
Categories
(Toolkit :: Safe Browsing, enhancement)
Toolkit
Safe Browsing
Tracking
()
RESOLVED
WONTFIX
People
(Reporter: mailinglists, Unassigned)
References
Details
Attachments
(1 file, 1 obsolete file)
404 bytes,
text/html
|
Details |
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.8a3) Gecko/20040817 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.8a3) Gecko/20040817 Some links are displayed as http://www.mytrusteddomain.com but they point to http://anotherdomain.com ( or to an hidden inline attachment in a email). I think that Mozilla should warn about this kind of links, maybe with an icon beside the link and a confirmation message box when clicked. Reproducible: Always Steps to Reproduce: 1. 2. 3.
Comment 1•20 years ago
|
||
*** Bug 264853 has been marked as a duplicate of this bug. ***
(In reply to comment #0) > Some links are displayed as http://www.mytrusteddomain.com but they point to > http://anotherdomain.com ( or to an hidden inline attachment in a email). for example see Bug 264629
Comment 3•20 years ago
|
||
> Some links are displayed as http://www.mytrusteddomain.com but they point to > http://anotherdomain.com Under what circumstances? Please attach a testcase that demonstrates this problem using https://bugzilla.mozilla.org/attachment.cgi?bugid=264850&action=enter
Comment 4•20 years ago
|
||
I think the reporter is refering to something very basic, the fact that when the text displayed for a link looks like an URL, the user will be less careful and will forget to check on the status bar that the destination of the link is identicial to what would be expected from it's text. I don't know how relevant this is. Isn't the real security to just make sure that just clicking on a link will never by itself be a security risk ? We'll never avoid *all* the method to push someone to click on a link, thinking that it's a *good* link.
Comment 5•20 years ago
|
||
https://bugzilla.mozilla.org/show_bug.cgi?id=254913#c6 shows a concrete case of spammer actually trying to use that, and with js to fake the status bar. In fact, it works somewhat better in browser, as js will much more often be enabled, even if it seems less usable than from a mail link.
Attachment #163419 -
Attachment is obsolete: true
Updated•20 years ago
|
Product: Browser → Seamonkey
*** This bug has been confirmed by popular vote. ***
Status: UNCONFIRMED → NEW
Ever confirmed: true
note that at least in 2004111805 we show the real destination when you click (don't release the button until you're sure you're going where you think you're going).
Comment 8•20 years ago
|
||
Assigning to confimer for reassignment to a relevant component. Please don't confirm bugs while leaving them in browser-general.
Assignee: general → juanrey
Component: Browser-General → HTML: Parser
Product: Seamonkey → Core
Comment 9•20 years ago
|
||
certainly not a parser issue, probably gui features; fixing component (and assignee/qa for that matter) (hmm, why is xp apps:gui features a core component?)
Assignee: juanrey → guifeatures
Component: HTML: Parser → XP Apps: GUI Features
QA Contact: general
Reporter | ||
Comment 10•20 years ago
|
||
I am agree. (I was not able to find such component neither anything more suitable tha HTML parser)
Updated•20 years ago
|
Product: Core → Mozilla Application Suite
Component: XP Apps: GUI Features → General
Product: Mozilla Application Suite → Firefox
Comment 11•18 years ago
|
||
*** Bug 326425 has been marked as a duplicate of this bug. ***
Updated•18 years ago
|
Assignee: guifeatures → nobody
QA Contact: general
Updated•18 years ago
|
Component: General → Phishing Protection
Updated•17 years ago
|
QA Contact: general → phishing.protection
Updated•17 years ago
|
Severity: normal → enhancement
Summary: Mozilla should warn about fake links → Warn about fake links (where anchor text looks like a URL but the href goes elsewhere)
Comment 12•11 years ago
|
||
I don't think it likely we will ever fix this. It's a widely used pattern on normal web sites (say, Twitter and t.co links), and warnings would just end up being annoying.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → WONTFIX
Assignee | ||
Updated•10 years ago
|
Product: Firefox → Toolkit
You need to log in
before you can comment on or make changes to this bug.
Description
•