Welcome to WebmasterWorld Guest from 54.159.250.110

Forum Moderators: incrediBILL

Message Too Old, No Replies

firefox 13 "tabs" exposes users HTTPS sessions content

Privacy problems will be fixed..sometime in the future

   
12:27 am on Jun 23, 2012 (gmt 0)

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



The updated new tab page feature is broadly akin to the Speed Dial feature already present in other browsers and displays cached copies of a user's most visited websites


[theregister.co.uk...]
7:47 am on Jun 24, 2012 (gmt 0)

WebmasterWorld Administrator robert_charlton is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



I like the thumbnails enough to use them occasionally. As I look at a "New Tab" page right now, I'm seeing one sign-in page thumbnail, but no thumbnails showing secure content beyond it. I don't believe I've experienced the following scenario, which I agree would not be a good one to have happen...

Reg reader Chris discovered the feature after opening a new tab only to be "greeted by my earlier online banking and webmail sessions complete with account numbers, balances, subject lines etc.

"This content is behind a secure login for a reason," Chris added.

I should add that this sentence in the article is a little vague...
Users can also switch back to using blank new tab screens by clicking the square icon in the top right corner of the browser.

The "top right corner of the browser" is not well-defined. The icon in question is in the top right corner of the "New Tab" page, and it's a grey square composed of nine square dots.
1:17 pm on Jun 24, 2012 (gmt 0)



I can see cPanel pages and those are always visited by https. Not sure if that's just a screenshot or not but if it makes snapshots of account numbers that's horrible.

EDIT: Hiding the new tab page doesn't disable the function, don't see the controls in tools>>options either.