Rather reporting as security bug. Using httpd.js component since there is no for ssltunnel and it is actually related. See https://bugzilla.mozilla.org/show_bug.cgi?id=599295#c17 and bellow. The goal is to keep the ssltunnel a simple and singe-purpose utility. The redirect change can be implemented in an xpcshell test easily.
This is not a security problem in shipping clients, right? Just hidden because the change is due to a security fix? If it's a risk in its own right please clear the '[sg:nse]' from the whiteboard.
Whiteboard: [sg:nse] → [sg:nse] keep hidden until 599295 unhidden
(In reply to Daniel Veditz from comment #1) > This is not a security problem in shipping clients, right? Just hidden > because the change is due to a security fix? Yes to both questions. Thanks.
11 years ago
No time to work on this...
Assignee: honzab.moz → nobody
You need to log in before you can comment on or make changes to this bug.