Jean-Marc Desperrier wrote: > Until a better solution is deployed, here is the work around to make > Moxie Marlinspike's attack ineffective.
Note that the "better fix" will be a default change for this very pref, and any user-modified value will continue to take precedence. Please remember to undo this change when we ship a fix or you will not get the updates. A bug covering Marlinspike's PoC (and others) is https://bugzilla.mozilla.org/show_bug.cgi?id=479336 Another spoof (that may or may not work depending on your font) is described at https://bugzilla.mozilla.org/show_bug.cgi?id=479413 _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
