Hi, On mar, 2005-02-08 at 12:35 -0200, Fabiano Rodrigues wrote: >Eric Johanson has reported a security issue in multiple browsers, which >can be exploited by a malicious web site to spoof the URL displayed in >the address bar, SSL certificate, and status bar. > >http://secunia.com/multiple_browsers_idn_spoofing_test/
Thanks for the notice. Actually, the spoofing potential of homographs has been known for years, so this isn't a new attack. Epiphany gets the location in the location bar and statusbar from the embedded mozilla rendering engine. Any fix that mozilla comes up with -- see https://bugzilla.mozilla.org/show_bug.cgi?id=279099 -- will be inherited by Epiphany automatically. So there is no action from us required. As a workaround, you could set network.enableIDN to 'false' in about:config; but that's currently not working in released mozilla versions because of a bug [https://bugzilla.mozilla.org/show_bug.cgi?id=261934]. Regards, Christian _______________________________________________ epiphany-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/epiphany-list
