Skip to content
Snippets Groups Projects
Closed (moved) Surprising DOM origins before HTTPS-E/NoScript redirects have completed
  • View options

    • Surprising DOM origins before HTTPS-E/NoScript redirects have completed

    • View options
    • Closed (moved) created by Trac

    http://majorsecurity.net/html5/ios51-demo.html

    !^ Here is the demo of address spoofing.

    With HTTPS-Everywhere enabled in latest Nightly - clicking the button opens a new tab with "apple.com" address. But this is a spoofed address, press CTRL+U to watch the source code of that page.

    Trac:
    Username: Drugoy

    Attributes

    Assignees

    Labels

    MikePerry201207 actualpoints 20 (pde: 6? mikeperry: 14) component https everywhere/eff-https everywhere owner ma1 points 20 priority immediate reporter Drugoy resolution fixed severity normal status closed type defect

    Milestone

    None

    Dates

    Start: None

    Due: None

    Time tracking

    Spent 0h
    Estimate 160h

    Activity

    • All activity
    • Comments only
    • History only
    • Newest first
    • Oldest first