Le lundi 16 novembre 2009 à 09:37 +0100, Mike Hommey a écrit : > On Mon, Nov 16, 2009 at 09:17:58AM +0100, Josselin Mouette wrote: > > What’s a bookmarklet? I don’t even know whether epiphany supports this. > > It's javascript code you bookmark and can run on any site. A bit like > greasemonkey, but crossbrowser. It's designed to run in the current > page context, so the security issue here is by design.
Confirmation before saving the bookmarklet to the list of bookmarks? If so, I’d say epiphany is not affected, since it always ask for confirmation whenever you bookmark something. > To alleviate the > broken-by-design part, the CVE says the browser should ask for > confirmation, like everybody reads alerts and make informed decisions. > Haha. Another case of “security by unusability” I guess. After the huge sucess of Vista and Firefox 3… Cheers, -- .''`. Josselin Mouette : :' : `. `' “I recommend you to learn English in hope that you in `- future understand things” -- Jörg Schilling
signature.asc
Description: Ceci est une partie de message numériquement signée
