[tor-bugs] #5477 [EFF-HTTPS Everywhere]: HTTPS Everywhere sometimes causes iframes to behave strangely (take over their window?)
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Tue Apr 17 07:17:41 UTC 2012
#5477: HTTPS Everywhere sometimes causes iframes to behave strangely (take over
their window?)
------------------------------------------------------+---------------------
Reporter: Drugoy | Owner: pde
Type: defect | Status: new
Priority: major | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: address spoofing, critical vulnerability | Parent:
Points: | Actualpoints:
------------------------------------------------------+---------------------
Comment(by pde):
Re: exploitability, on one hand, the fact that I can briefly see Drugoy's
page with the Apple HTTPS decoration, does make me quite nervous. On the
other hand, I still can't get an alert with the apple.com cookies to fire.
So it's possible that none of the code is ''actually ''executing in the
real !https://apple.com origin.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5477#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list