Hi, Address bar eliding is a bit naive - the leftmost part of the URL is simply truncated without giving any visual cue - so the attacker can open or resize a window so that an URL such as this: http://www.google.com.coredump.cx ...is shown as: http://www.google.com This requires some minimal finesse to properly calculate screen resolutions and guess the address bar font, but this is likely not prohibitively difficult.
Also see bug 622451 for a vaguely related UI resizing concern.
Whiteboard: [sg:low spoof]
Per policy at https://wiki.mozilla.org/Bug_Triage/Projects/Bug_Handling/Bug_Husbandry#Inactive_Bugs. If this bug is not an enhancement request or a bug not present in a supported release of Firefox, then it may be reopened.
Status: NEW → RESOLVED
Last Resolved: 2 months ago
Resolution: --- → INACTIVE
You need to log in before you can comment on or make changes to this bug.