DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 9th December 2010
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,116
Thanked 182 Times in 149 Posts
Default WebSockets disabled in Firefox 4

From http://www.h-online.com/security/new...4-1150369.html

Quote:
Due to a vulnerability in the design of the WebSocket protocol, the Mozilla Foundation has decided to disable support for this protocol in the forthcoming Firefox 4 Beta 8 release. The vulnerability in the code for transparent proxies can potentially be exploited to poison the proxy cache and inject manipulated pages.

This could allow attackers to inject a specially crafted JavaScript for Google Analytics into the proxy's cache that will be returned to clients and executed in their browsers after every subsequent request.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #2   (View Single Post)  
Old 9th December 2010
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Old man from scene 24
 
Join Date: Apr 2008
Location: Eindhoven, Netherlands
Posts: 2,051
Thanked 198 Times in 156 Posts
Default

Everyone seems to be rushing in these HTML5 features headfirst, without actually using their head.

I suspect there will be a long strong HTML5-related security problems ... This is the 1990's all over again
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
  #3   (View Single Post)  
Old 10th December 2010
drhowarddrfine drhowarddrfine is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 358
Thanked 9 Times in 8 Posts
Default

btw, Opera, too, has frozen the release of this but it's not in any browser yet. HTML5 encompasses a lot of things that aren't security issues.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Firefox page too big wokko NetBSD Package System (pkgsrc) 5 1st June 2010 04:18 PM
disabled cardbus? rva OpenBSD General 2 7th February 2010 03:29 AM
Marvell 88E8038 ethernet adaptor doesn't work with NetBSD 5, even with ACPI disabled GullibleJones NetBSD General 2 13th December 2009 10:55 AM
firefox darken FreeBSD General 5 27th July 2008 11:01 PM
Upgrading firefox to firefox 3 -keeping plugins+bookmarks kasse FreeBSD Ports and Packages 11 5th July 2008 01:34 PM


All times are GMT. The time now is 02:03 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick