Avatar for Username

Cerca nel supporto

Attenzione alle mail truffa. Mozilla non chiederà mai di chiamare o mandare messaggi a un numero di telefono o di inviare dati personali. Segnalare qualsiasi attività sospetta utilizzando l'opzione “Segnala abuso”.

Ulteriori informazioni

Questa discussione è archiviata. Inserire una nuova richiesta se occorre aiuto.

Has this issue been resolved in 4.0? http://www.informationweek.com/news/security/vulnerabilities/226700396?cid=nl_IW_daily_2010-08-18_h

  • 1 risposta
  • 1 ha questo problema
  • Ultima risposta di cor-el

dohc97
dohc97
more options

I wanted to find out if the issue described in the URL below has been fixed in the latest version of firefox.

http://www.informationweek.com/news/security/vulnerabilities/226700396?cid=nl_IW_daily_2010-08-18_h

I wanted to find out if the issue described in the URL below has been fixed in the latest version of firefox. http://www.informationweek.com/news/security/vulnerabilities/226700396?cid=nl_IW_daily_2010-08-18_h

Tutte le risposte (1)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

That is about opening obfuscated links in an iframe.

  • Bug 570658 – Username-in-URL obfuscation warning isn't shown for iframe loads

If you visit a malicious website that way then the Firefox phishing protection will kick in. 

data:text/html,<iframe src="http://foo.com@www.mozilla.com/firefox/its-a-trap.html">

Maybe NoScript has a protection against it.