Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

Has this issue been resolved in 4.0? http://www.informationweek.com/news/security/vulnerabilities/226700396?cid=nl_IW_daily_2010-08-18_h

  • 1 reply
  • 1 has this problem
  • Last reply by cor-el

dohc97
dohc97
more options

I wanted to find out if the issue described in the URL below has been fixed in the latest version of firefox.

http://www.informationweek.com/news/security/vulnerabilities/226700396?cid=nl_IW_daily_2010-08-18_h

I wanted to find out if the issue described in the URL below has been fixed in the latest version of firefox. http://www.informationweek.com/news/security/vulnerabilities/226700396?cid=nl_IW_daily_2010-08-18_h

All Replies (1)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

That is about opening obfuscated links in an iframe.

  • Bug 570658 – Username-in-URL obfuscation warning isn't shown for iframe loads

If you visit a malicious website that way then the Firefox phishing protection will kick in. 

data:text/html,<iframe src="http://foo.com@www.mozilla.com/firefox/its-a-trap.html">

Maybe NoScript has a protection against it.