Closed Bug 750587 Opened 13 years ago Closed 8 years ago

Link hover preview is (kinda) spoofable using %-encoded hostnames

Categories

(Firefox :: General, defect)

x86_64
macOS
defect
Not set
normal

RESOLVED WORKSFORME

People

(Reporter: jruderman, Unassigned)

References

(Depends on 1 open bug)

Details

(Keywords: csectype-spoof, sec-low, testcase)

Attachments

(1 file)

Attached file Jesse's testcase
From bug 279099 comment 267:

> See http://www.idnnews.com/?p=7109
>
> Chrome displays the fake www.аmazon.com as http://www.xn--mazon-3ve.com/ on
> hover, but Firefox still shows it as http://www.аmazon.com

I get the impression that links where the domain is %-encoded work in Chrome but not in Firefox. Which is bug 309671, I guess.

Spoofing on links that don't work yet, and only in the hover preview (which JS can spoof anyway), doesn't seem like the biggest security problem. But this should be fixed before the links are made to work.

Probably related to bug 304905 and bug 320807.
Component: Developer Tools: Inspector → General
QA Contact: developer.tools.inspector → general
Keywords: csec-spoof
Whiteboard: [sg:low]
Keywords: testcase
All the test cases currently display as punycode.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WORKSFORME
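
A check of the kind this bug is about, as an added example (not code from Firefox or from the attached testcase): it uses the WHATWG `URL` parser built into Node.js and browsers to compute the ASCII (punycode) hostname a hover preview should show, and flags links whose raw hostname is %-encoded or non-ASCII. The function names `rawHost`, `previewHost` and `needsPunycodePreview` and the sample hrefs are assumptions made for illustration.

```javascript
// Added example. Sample hrefs in the comments are constructed for illustration.

// Host exactly as spelled in the href text, before any decoding.
// Simplified: expects "scheme://[userinfo@]host[:port]/..." with forward slashes.
function rawHost(href) {
  const m = /^[a-z][a-z0-9+.-]*:\/\/(?:[^\/?#@]*@)?(\[[^\]]*\]|[^\/?#:]*)/i.exec(href);
  return m ? m[1] : null;
}

// Describe what a hover preview should show for this link.
function previewHost(href) {
  const raw = rawHost(href);
  if (raw === null) return null; // no authority component (e.g. mailto:)

  const info = {
    raw,
    percentEncoded: /%[0-9a-f]{2}/i.test(raw), // "www.%D0%B0mazon.com"
    nonAscii: /[^\x00-\x7f]/.test(raw),        // "www.\u0430mazon.com" (Cyrillic a)
    display: null,                             // ASCII form, null if unparsable
    punycode: false,
  };

  try {
    // The WHATWG host parser percent-decodes the host, then applies IDNA
    // ToASCII, so both spellings above collapse to the same xn-- hostname.
    info.display = new URL(href).hostname;
  } catch (e) {
    return info; // host decodes to something that is not a valid hostname
  }
  info.punycode = info.display.split(".").some((l) => l.startsWith("xn--"));
  return info;
}

// True when the spelling in the href differs from the host that will be
// contacted and that host is an IDN: show `display`, never `raw`.
function needsPunycodePreview(href) {
  const info = previewHost(href);
  return info !== null && info.punycode && info.raw.toLowerCase() !== info.display;
}
```

A link auditor or preview widget can call `needsPunycodePreview` on each `href` and render `previewHost(href).display` in place of the raw text.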