== Review comments ==
* Link: header URI whitelisted to http/https
* Link: header URI might itself be an attack link. Is it any worse than <img src=uri>?
* Link: header might log you into some unrelated site
** phishing potential if chrome looks "signed in"? (e.g. "There's a problem, please confirm your password")
** make sure someone's logged into a victim site as a preface to another CSRF attack?
* If site is HTTPS then AMCD URI must be HTTPS (current code doesn't enforce this)
** what do we do if it's not?
* If site is HTTP then AMCD can be HTTP or HTTPS (but of course https is recommended)
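The scheme whitelist and the HTTPS rule from the bullets above, as an added example that is not part of this wiki page or of the Account Manager code. It parses an HTTP Link: header, picks out the account-management relation (the rel value "acct-mgmt" is an assumption; the page does not name the relation), and applies the two checks: the AMCD URI scheme must be http or https, and a page served over HTTPS must advertise an HTTPS AMCD. For the open question of what to do when the rule fails, this example simply rejects the URI and reports why; resolving a relative AMCD URI against the page URL before checking it is likewise a choice made here, not something the page states.

```python
"""Validate the AMCD URI a site advertises in its HTTP Link: header.

Added example (not the wiki page's or Account Manager's code). Rules taken
from the review comments: scheme limited to http/https, and an HTTPS page
must point at an HTTPS AMCD.
"""
import re
from urllib.parse import urljoin, urlsplit

# Assumption: the link relation that marks the AMCD. Placeholder value.
AMCD_REL = "acct-mgmt"
ALLOWED_SCHEMES = {"http", "https"}

# One link-value: <uri> followed by zero or more ";param=value" parts,
# stopping at the comma that separates link-values.
_LINK_RE = re.compile(r'<([^>]*)>\s*((?:;\s*[^;,]+)*)')


def parse_link_header(value):
    """Return [(uri, {param: value}), ...] for a Link: header value."""
    links = []
    for m in _LINK_RE.finditer(value):
        uri = m.group(1).strip()
        params = {}
        for raw in m.group(2).split(";"):
            raw = raw.strip()
            if not raw or "=" not in raw:
                continue
            key, val = raw.split("=", 1)
            params[key.strip().lower()] = val.strip().strip('"')
        links.append((uri, params))
    return links


def find_amcd_uri(link_header):
    """Return the first URI whose rel list contains AMCD_REL, else None."""
    for uri, params in parse_link_header(link_header):
        rels = params.get("rel", "").lower().split()
        if AMCD_REL in rels:
            return uri
    return None


def check_amcd_uri(page_url, amcd_uri):
    """Apply the review's rules; return (ok, reason).

    Assumption: a relative AMCD URI is resolved against the page URL first.
    urljoin leaves non-hierarchical schemes such as javascript: untouched,
    so they still reach the scheme whitelist and are rejected there.
    """
    page_scheme = urlsplit(page_url).scheme.lower()
    parts = urlsplit(urljoin(page_url, amcd_uri))
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        return False, "scheme not http/https"
    if not parts.netloc:
        return False, "missing host"
    # The rule the review says current code does not enforce.
    if page_scheme == "https" and scheme != "https":
        return False, "https site advertised a non-https AMCD"
    return True, "ok"


def amcd_from_response(page_url, link_header):
    """Extract and validate the AMCD URI; (uri or None, reason)."""
    uri = find_amcd_uri(link_header)
    if uri is None:
        return None, "no AMCD link"
    ok, reason = check_amcd_uri(page_url, uri)
    return (uri if ok else None), reason


if __name__ == "__main__":
    # Constructed sample header, not captured from a real site.
    hdr = '</style.css>; rel=stylesheet, <http://example.com/amcd>; rel="acct-mgmt"'
    print(amcd_from_response("https://example.com/login", hdr))
    print(amcd_from_response("http://example.com/login", hdr))
```

Running the module shows the same header accepted from an HTTP page and rejected from an HTTPS page, which is exactly the gap the review comment about current code points at.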