http://www.squarefree.com/burningedge/2005/07/27/2005-07-26-trunk-builds/ Developments in nightly builds of Mozilla Firefox Thu, 07 Aug 2008 23:28:44 +0000 http://wordpress.org/?v=2.5 http://www.squarefree.com/burningedge/2005/07/27/2005-07-26-trunk-builds/#comment-2426 Shawn Wed, 27 Jul 2005 14:15:03 +0000 http://www.squarefree.com/burningedge/2005/07/27/2005-07-26-trunk-builds/#comment-2426 Jan: I'd consider that a security bug. Some webapps regularly use the referer as a sort of authentication for allowing actions to get executed. I wouldn't recommend that anyone use that method, but it gets used a lot and can easily get broken. But holes like this allow for it to get triggered by an unsuspecting user through XSS, rather than someone maliciously doing it themselves. Jan: I’d consider that a security bug. Some webapps regularly use the referer as a sort of authentication for allowing actions to get executed. I wouldn’t recommend that anyone use that method, but it gets used a lot and can easily get broken. But holes like this allow for it to get triggered by an unsuspecting user through XSS, rather than someone maliciously doing it themselves.

]]> http://www.squarefree.com/burningedge/2005/07/27/2005-07-26-trunk-builds/#comment-2425 Jan! Wed, 27 Jul 2005 10:37:29 +0000 http://www.squarefree.com/burningedge/2005/07/27/2005-07-26-trunk-builds/#comment-2425 In what way is bug 300942 ( and background: url(); send the wrong referer for the image request) a security bug? Because it allowed spoofing the referrer? In what way is bug 300942 ( and background: url(); send the wrong referer for the image request) a security bug? Because it allowed spoofing the referrer?

]]>