On 6/21/07, scar <[EMAIL PROTECTED]> wrote:
> ... it seems to me that many addons which are downloaded from https://addons.mozilla.org/ use different, non-https, addresses to check for and download updates.

The problem exists when non-HTTPS is used for updates. Any plugins getting updates via HTTP port 80 would be vulnerable.

> Would this vulnerability exist with all of those addons as well? How to find out what address each addon uses to download updates?

I haven't tested the various plugins myself. A sniffer should tell you quickly if updates are performed insecurely, though you may need trial and error to determine which one is making the requests if it isn't obvious in the data. This would be a good subject to document on the wiki if you pursue it :)

Best regards,
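One way to answer the question raised in the thread (which address each addon uses to check for updates) without a sniffer is to read the addon's own manifest: a Firefox extension's .xpi is a zip archive whose install.rdf may declare an em:updateURL, and an addon with no em:updateURL is updated through the addons.mozilla.org service. The script below is an added example, not code from the thread or from Mozilla; the addon IDs and update hosts are constructed sample data. It builds three small .xpi files in memory and flags any whose update URL is plain http://.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Namespaces used by Firefox extension manifests (install.rdf).
RDF_NS = "http://www.w3.org/1999/02/22-rdf-syntax-ns#"
EM_NS = "http://www.mozilla.org/2004/em-rdf#"


def update_url_from_install_rdf(rdf_text):
    """Return the em:updateURL declared in an install.rdf, or None if absent.

    The value may appear as a child element or as an attribute of a
    Description node, so both forms are checked.
    """
    root = ET.fromstring(rdf_text)
    for desc in root.iter("{%s}Description" % RDF_NS):
        node = desc.find("{%s}updateURL" % EM_NS)
        if node is not None and node.text and node.text.strip():
            return node.text.strip()
        attr = desc.get("{%s}updateURL" % EM_NS)
        if attr:
            return attr.strip()
    return None


def classify_update_url(url):
    """Classify how an addon fetches update information.

    'default' - no em:updateURL, so the addons.mozilla.org service is used
    'https'   - explicit URL fetched over TLS
    'http'    - explicit cleartext URL: the update check crosses the wire
                unprotected and is the case the thread is concerned with
    'other'   - any other scheme or a malformed value; inspect by hand
    """
    if url is None:
        return "default"
    scheme = urlparse(url).scheme.lower()
    if scheme in ("https", "http"):
        return scheme
    return "other"


def audit_xpi(xpi_bytes):
    """Open an .xpi (a zip archive) from memory and audit its install.rdf."""
    with zipfile.ZipFile(io.BytesIO(xpi_bytes)) as archive:
        rdf_text = archive.read("install.rdf").decode("utf-8")
    url = update_url_from_install_rdf(rdf_text)
    return url, classify_update_url(url)


def build_sample_xpi(addon_id, update_url=None):
    """Construct a minimal .xpi in memory (sample data, not a real addon)."""
    update_line = ""
    if update_url is not None:
        update_line = "    <em:updateURL>%s</em:updateURL>\n" % update_url
    install_rdf = (
        '<?xml version="1.0"?>\n'
        '<RDF xmlns="%s" xmlns:em="%s">\n'
        '  <Description about="urn:mozilla:install-manifest">\n'
        "    <em:id>%s</em:id>\n"
        "    <em:version>1.0</em:version>\n"
        "%s"
        "  </Description>\n"
        "</RDF>\n"
    ) % (RDF_NS, EM_NS, addon_id, update_line)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as archive:
        archive.writestr("install.rdf", install_rdf)
    return buf.getvalue()


# Constructed samples: one cleartext updater, one TLS updater, one AMO default.
SAMPLES = {
    "cleartext@example.invalid": "http://updates.example.invalid/update.rdf",
    "tls@example.invalid": "https://updates.example.invalid/update.rdf",
    "amo-default@example.invalid": None,
}


def audit_samples():
    """Audit every constructed sample; returns {addon_id: (url, verdict)}."""
    return {addon_id: audit_xpi(build_sample_xpi(addon_id, url))
            for addon_id, url in SAMPLES.items()}


if __name__ == "__main__":
    for addon_id, (url, verdict) in audit_samples().items():
        flag = "INSECURE" if verdict == "http" else "ok"
        print("%-30s %-8s %s" % (addon_id, flag, url or "(AMO default)"))
```

To audit a real profile, point audit_xpi at each .xpi under the profile's extensions directory instead of the constructed samples. The manifest check complements the sniffer approach rather than replacing it: it shows where an addon is configured to look, while a capture shows what actually goes out on the wire, including the download of the update itself.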

