WebSockets disabled in Firefox 4
From http://www.h-online.com/security/new...4-1150369.html
Quote:
Due to a vulnerability in the design of the WebSocket protocol, the Mozilla Foundation has decided to disable support for this protocol in the forthcoming Firefox 4 Beta 8 release. The vulnerability in the code for transparent proxies can potentially be exploited to poison the proxy cache and inject manipulated pages.
This could allow attackers to inject a specially crafted JavaScript for Google Analytics into the proxy's cache that will be returned to clients and executed in their browsers after every subsequent request.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|