Closed Bug 868817 Opened 11 years ago Closed 11 years ago

[Security] No Warning in HTML-EMail Links if href-domain is different that that of link-text

Categories

(Thunderbird :: Security, defect)

Product:
Thunderbird
Component:
Security
Version:
23 Branch
Platform:
x86_64
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 651334

People

(Reporter: jan, Unassigned)

References

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.43 Safari/537.31

Steps to reproduce:

Receive any HTML-EMail with Links, where the link-text says e.g. 'http://www.mozilla.org', but the href of the link actually links to 'http://download-this-nice-trojan.com'.


Actual results:

You just infected yourself with this nice trojan.


Expected results:

The link should be blocked on click, or at least ask for confirmation. Maybe there should be a visual warning directly when displaying the mail.
seamonkey bug 278490

I'm sure I've recently seen or even touched a duplicate bug in TB product
Whiteboard: [dupme]
See Also: → 698597
(In reply to Thomas D. from comment #1)
> seamonkey bug 278490
> 
> I'm sure I've recently seen or even touched a duplicate bug in TB product

Bug 651334
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Resolution: --- → DUPLICATE
Whiteboard: [dupme]
You need to log in before you can comment on or make changes to this bug.