Closed Bug 358966 Opened 19 years ago Closed 19 years ago

Phising Control fails when a phising uri translated into it's hexadecimal equivalent

Categories

(Toolkit :: Safe Browsing, defect)

Product:
Toolkit
Component:
Safe Browsing
Version:
2.0 Branch
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED DUPLICATE of bug 356355

People

(Reporter: rcarrillo, Unassigned)

References

(
URL
)

Details

User-Agent: Mozilla/5.0 (X11; U; Linux i686; es-ES; rv:1.8.1) Gecko/20060601 Firefox/2.0 (Ubuntu-edgy) Build Identifier: Mozilla/5.0 (X11; U; Linux i686; es-ES; rv:1.8.1) Gecko/20060601 Firefox/2.0 (Ubuntu-edgy) As is reported in (http://www.kriptopolis.org/nueva-chapuza-en-firefox-2-0-su-mecanismo-anti-phishing and http://ha.ckers.org/blog/20061030/firefox-20-anti-phishing-filter-vulnerable-to-evasion/) if I try the url : http://200.119.135.99/ebay/login5878/ firefox alerts me of phising site, but using itś hexadecimal equivalent: http://0xc8.0x77.0x87.0x63/ebay/login5878/ , firefox let me in and dont alert me of the page. Reproducible: Always Steps to Reproduce: 1.visit http://200.119.135.99/ebay/login5878/ 2.phising filter alerts me correctly 3.visit http://0xc8.0x77.0x87.0x63/ebay/login5878/ 4.let me in the same phising page without alert me Actual Results: let me in the same phising page without alert me Expected Results: phising filter alerts me correctly
Version: unspecified → 2.0 Branch
*** This bug has been marked as a duplicate of 356355 ***
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
Product: Firefox → Toolkit
You need to log in before you can comment on or make changes to this bug.