URL spoofing is likely possible through address bar eliding

RESOLVED INACTIVE

Status

Firefox
Address Bar
--
minor
RESOLVED INACTIVE
8 years ago
2 months ago

People

(Reporter: Michal Zalewski, Unassigned)

Tracking

({sec-low})

3.6 Branch
sec-low
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

8 years ago
Hi,

Address bar eliding is a bit naive - the leftmost part of the URL is simply truncated without giving any visual cue - so the attacker can open or resize a window so that a URL such as this:

http://www.google.com.coredump.cx

...is shown as:

http://www.google.com

This requires some minimal finesse to properly calculate screen resolutions and guess the address bar font, but this is likely not prohibitively difficult.
Whiteboard: [sg:low spoof]
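As an added illustration of the eliding problem described in the report above (not part of the original report and not Firefox code), the sketch below contrasts the naive truncation with an elision that keeps the end of the host visible and marks every cut with an ellipsis. The function names and the use of a character budget in place of pixel width are assumptions.

```javascript
// Added example: hypothetical helpers, not Firefox code.
// Assumption: a character budget stands in for the address bar's pixel width.
const ELLIPSIS = "\u2026";

// Behaviour described in the report: keep the start, drop the rest, no cue.
function naiveElide(url, maxChars) {
  return url.slice(0, maxChars);
}

// Keep the END of the host visible and mark every cut with an ellipsis.
function safeElide(url, maxChars) {
  if (maxChars < 2) throw new RangeError("maxChars must be at least 2");
  if (url.length <= maxChars) return url;

  const parsed = new URL(url);
  const host = parsed.host;
  const rest = parsed.pathname + parsed.search + parsed.hash;
  const tail = rest === "/" ? "" : rest;

  if (host.length > maxChars) {
    // Host alone does not fit: trim from the left so the rightmost
    // labels (where the registrable domain lives) survive.
    return ELLIPSIS + host.slice(host.length - (maxChars - 1));
  }
  // Host fits: the scheme is dropped and the path gets the remaining room.
  const room = maxChars - host.length;
  if (tail.length <= room) return host + tail;
  if (room < 2) return host; // no room for a path fragment plus the cue
  return host + tail.slice(0, room - 1) + ELLIPSIS;
}

const sample = "http://www.google.com.coredump.cx"; // URL from the report
console.log(naiveElide(sample, 21));
console.log(safeElide(sample, 21));
```

Cutting mid-label can still leave a fragment such as `ogle.com` on screen; a production implementation would consult the Public Suffix List so the registrable domain is always kept and highlighted.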

Updated

8 years ago
Component: Security → Location Bar
QA Contact: firefox → location.bar
(Reporter)

Comment 1

8 years ago
Also see bug 622451 for a vaguely related UI resizing concern.
Group: core-security
Whiteboard: [sg:low spoof]

Comment 2

2 months ago
Per policy at https://wiki.mozilla.org/Bug_Triage/Projects/Bug_Handling/Bug_Husbandry#Inactive_Bugs. If this bug is not an enhancement request or a bug not present in a supported release of Firefox, then it may be reopened.
Status: NEW → RESOLVED
Last Resolved: 2 months ago
Resolution: --- → INACTIVE