Simon Willison’s Weblog

Items tagged security, firefox

Filters: security × firefox ×

Plugging the CSS History Leak (via) Firefox is fixing the nefarious CSS visited link colour history leak flaw, which currently affects all browsers and allows a malicious site to determine if you have visited a specific site by checking getComputedStyle against a link to that page. It’s an obtrusive but necessary fix—visited link styles will be restricted to colour and border styles (no background images and hence no more checkbox effects since the image request could leak information) and those colours will not be reported via getComputedStyle. I hope other browser vendors follow suit. # 31st March 2010, 8:01 pm

Pwn2Own trifecta: Hacker exploits IE8, Firefox, Safari. You just can’t trust browser security: Current versions of Safari, IE8 and Firefox all fell to zero-day flaws at an exploit competition. None of the vulnerabilities have been disclosed yet. # 19th March 2009, 3:30 pm

eval() Kerfuffle. The ability to read supposedly private variables in Firefox using a second argument to eval() will be removed in Firefox 3.1. # 2nd July 2008, 9:24 pm

Javascript protocol fuzz results. If your HTML sanitizer uses blacklisting rather than whitelisting here are a few more weird ways of injecting javascript: in to a link that you need to worry about—but you should really switch to whitelisting http:// and https:// instead. # 30th June 2008, 3:57 pm

In the long term, I want to replace JavaScript and the DOM with a smarter, safer design. In the medium term, I want to use something like Google Gears to give us vats with which we can have safe mashups. But in the short term, I recommend that you be using Firefox with No Script. Until we get things right, it seems to be the best we can do.

Douglas Crockford # 7th November 2007, 3:36 pm

Currently WebRunner applications share cookies with other WebRunner applications, but not with Firefox. WebRunner uses its own profile, not Firefox’s profile. There is a plan to allow WebRunner applications to create their own, private profiles as well.

Mark Finkle # 30th September 2007, 4:08 pm

HTTPOnly cookie support in Firefox. Five years after the bug was filed, HTTPOnly cookie support has gone in to the Mozilla 1.8 branch. This is a defence in depth feature that has been in IE for years—it lets you set cookies that aren’t available to JavaScript, and hence can’t be hijacked in the event of an XSS flaw. # 6th September 2007, 6:27 am

VeriSign’s SeatBelt OpenID plugin for Firefox. The first good example of browser integration for OpenID. It catches phishing attempts by watching out for rogue OpenID consumers that don’t redirect to the right place. # 17th August 2007, 5:37 pm

Firefox promiscuous IFRAME access bug. Lets malicious sites “display disruptive or misleading contents in the context of an attacked site” and intercept keystrokes! The demo worked in Camino 1.5 as well. Avoid using Gecko-based browsers until this is patched? # 6th June 2007, 10 am

Gaping holes exposed in fully-patched IE 7, Firefox (via) Michal Zalewski released a new Firefox 2.0 vulnerability in addition to the IE cookie stealing one. # 6th June 2007, 9:57 am