Ubuntu
firefox-3.0 package

  1. Bug #271933
  2. Activity log

Activity log for bug #271933

Date Who What changed Old value New value Message
2008-09-18 22:23:02 Anders Kaseorg bug added bug
2008-09-18 22:23:40 Anders Kaseorg bug assigned to firefox
2008-09-18 22:27:30 Bug Watch Updater firefox: status Unknown New
2008-09-18 22:40:22 Anders Kaseorg description Binary package hint: firefox-3.0 [Mozilla upstream suggests this might be an Ubuntu problem, so I’m filling a report here.] Before letting you visit a potentially confusing URL with an embedded HTTP username:password, Firefox pops up a “helpful” warning dialog asking you to confirm the site you intended to visit. Unfortunately, it asks you to confirm that you intend to visit the _username_, not that you intend to visit the real site! Confirm You are about to log in to the site "members.tripod.com" with the username "www%2Egoogle%2Ecom", but the website does not require authentication. This may be an attempt to trick you. Is "www%2Egoogle%2Ecom" the site you want to visit? [No] [Yes] I’m using firefox-3.0 3.0.2+build3+nobinonly-0ubuntu2, xulrunner-1.9 1.9.0.2+build3+nobinonly-0ubuntu1 on Ubuntu intrepid amd64. Binary package hint: firefox-3.0 [Mozilla upstream suggests this might be an Ubuntu problem, so I’m filling a report here.] Before letting you visit a potentially confusing URL with an embedded HTTP username:password, Firefox pops up a “helpful” warning dialog asking you to confirm the site you intended to visit. Unfortunately, it asks you to confirm that you intend to visit the _username_, not that you intend to visit the real site! For example: http://www.google.com:search@members.tripod.com/ Confirm You are about to log in to the site "members.tripod.com" with the username "www%2Egoogle%2Ecom", but the website does not require authentication. This may be an attempt to trick you. Is "www%2Egoogle%2Ecom" the site you want to visit? [No] [Yes] I’m using firefox-3.0 3.0.2+build3+nobinonly-0ubuntu2, xulrunner-1.9 1.9.0.2+build3+nobinonly-0ubuntu1 on Ubuntu intrepid amd64.
2008-09-18 22:49:47 Anders Kaseorg bug assigned to firefox (Fedora)
2008-09-18 22:57:40 Bug Watch Updater firefox: status Unknown In Progress
2008-09-19 21:37:18 Bug Watch Updater firefox: status New Confirmed
2008-11-24 09:46:30 era firefox-3.0: status New Confirmed
2008-11-24 09:46:30 era firefox-3.0: statusexplanation I'm seeing this on a newly installed Intrepid amd64. I'm thus setting this as Confirmed for firefox-3.0 (Ubuntu). The repro steps are real easy, just type in something like http://fnord:foo@localhost:631/ in the location bar, and inspect the resulting dialog box. (The port needs to have a server running; port 631 should be listening if you have CUPS installed.)
2009-11-23 07:15:19 Bug Watch Updater firefox (Fedora): status In Progress Fix Released
2010-09-18 00:58:25 Bug Watch Updater firefox: importance Unknown Medium
2014-10-27 00:34:09 Bug Watch Updater firefox: status Confirmed Invalid
2017-10-27 07:03:39 Bug Watch Updater firefox (Fedora): importance Unknown Medium
2017-10-27 07:03:43 Bug Watch Updater bug watch added https://bugzilla.mozilla.org/show_bug.cgi?id=449303