Link hover in location bar: truncate host at start, not end

RESOLVED WONTFIX

Status

()

defect
RESOLVED WONTFIX
9 years ago
6 years ago

People

(Reporter: adw, Unassigned)

Tracking

Trunk
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(blocking2.0 -)

Details

Currently when we show the moused-over link in the location bar, the host portion is truncated at the end if it needs to be truncated at all.  To help prevent phishing attacks, we should instead truncate it at the start so that subdomains are truncated.  From Limi's bug 587908 comment 95:

* For phishing reasons, we should also truncate subdomains when we run out of
space, like this:

http://www.friendly.reader.google.com.somephishingdomain.com/someverylongelementgoeshere

becomes

  …somephishingdomain.com/…goeshere
Whiteboard: [sg:want]
nominating due to security issue
blocking2.0: --- → ?
It's sg:want, which doesn't mean we absolutely need it.  Too late in the 4.0 game to consider this as something we'd block the release on.
blocking2.0: ? → -
Why not truncating in the middle? That would show the domain in the front an the (potential) target in the back.

Another point: Why is it truncated at all at half of the screen size? There are another 50% of space to show most of the URL.
Resolving wontfix since bug 541656 landed.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → WONTFIX
Whiteboard: [sg:want]
http://www.friendly.reader.google.com.somephishingdomain.com/someverylongelementgoeshere

on 4.0rc this still gives the phishing opportunity when the window is small

why not implement the suggestion?
Because links aren't shown in the location bar anymore.  File a new bug about the status overlay if you want.
You need to log in before you can comment on or make changes to this bug.