Closed Bug 739133 Opened 13 years ago Closed 13 years ago

Blocklist HTTPS Everywhere

Tracking

()

Status:

RESOLVED INVALID

People

(Reporter: tanner, Unassigned)

Details

Tanner Filip [:tanner]

Reporter

Description

•

13 years ago

HTTPS Everywhere seems to have a flaw, which the URL bar to be spoofed, see Bug 739099 comment 0 for more complete details.

:Gavin Sharp [email: gavin@gavinsharp.com]

Comment 1

•

13 years ago

This minor spoofing flaw doesn't seem worthy of blocklisting, particularly given that the developers seem to already be on it (https://trac.torproject.org/projects/tor/ticket/5477#comment:1).

Jorge Villalobos [:jorgev] (he/him)

Comment 2

•

13 years ago

Yeah, I don't think there's a high risk at the moment and the developers are already on it.

Group: client-services-security

Status: NEW → RESOLVED

Closed: 13 years ago

Resolution: --- → INVALID

Jorge Villalobos [:jorgev] (he/him)

Comment 3

•

13 years ago

Removing security flag since this is a publicly known issue.

Group: client-services-security

Théo Chevalier

Comment 4

•

13 years ago

Soon 10 days, and no activity on their bug. I asked, but no answers... It's just to inform you, you'll take the right decision accordingly :)

Nobody; OK to take it and work on it

Assignee

Updated

•

9 years ago

Product: addons.mozilla.org → Toolkit

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Blocklist HTTPS Everywhere

Categories

(Toolkit :: Blocklist Policy Requests, defect)

Tracking

()

People

(Reporter: tanner, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Comment 1

Comment 2

Comment 3

Comment 4

Updated