Closed
Bug 545393
Opened 14 years ago
Closed 14 years ago
DNS Prefetch security issue: Information leak
Categories
(SeaMonkey :: Security, defect)
SeaMonkey
Security
Tracking
(Not tracked)
VERIFIED
DUPLICATE
of bug 535976
People
(Reporter: standard8, Unassigned)
Details
(Keywords: privacy, regression)
This is the SeaMonkey version of bug 544745 +++ This bug was initially created as a clone of Bug #544745 +++ User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; fr; rv:1.9.2) Gecko/20100115 Firefox/3.6 Build Identifier: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; fr; rv:1.9.1.7) Gecko/20100111 Thunderbird/3.0.1 see https://secure.grepular.com/DNS_Prefetch_Exposure_on_Thunderbird_and_Webmail Already discussed here: https://bugzilla.mozilla.org/show_bug.cgi?id=492196 I'm not sure, but about:config has 'network.prefetch-next' (true by default), setting to false could help. I didn't find 'network.dns.disablePrefetch' in about:config, maybe js parameter. Depending on comments, it could be a wise choice to set default option to another value. I think, in most case, an url link will be open by an external browser so I'm not sure what is the usage of dns prefetch here. Another option, would be disabling prefetch when using text mode or encrypted access like gmail does or maybe have a 'paranoid' button in preferences ...
Reporter | ||
Updated•14 years ago
|
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
Updated•14 years ago
|
No longer depends on: CVE-2009-4629
You need to log in
before you can comment on or make changes to this bug.
Description
•