----- Original Message ----- > From: "Anne van Kesteren" <[email protected]> > To: [email protected] > Cc: "Patrick McManus" <[email protected]>, > [email protected] > Sent: Tuesday, 23 September, 2014 9:10:32 PM > Subject: Re: Mixed content (was: Indicators for high-security features) > > On Tue, Sep 23, 2014 at 8:08 PM, <[email protected]> wrote: > > I'm sure blocking such http requests would break some sites but has anyone > > performed research or analysis into how big the problem is? Is there a > > user option to force them to be blocked? > > I doubt there are holes by the way, but if you find any let us know.
Firefox already had CVEs for jpeg handling, they are not unheard of. -- Regards, Hubert Kario _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
