Although Mozilla doesn't incorrectly display the url for the following
type of url:
http://[EMAIL PROTECTED]/security/ex01/vun2.htm
It does leave a confusing url in location bar.
It would be better if mozilla displayed the real site visited in another
field close to the location bar, eg:
location bar: http://[EMAIL PROTECTED]/
site: zapthedingbat.com
This would help remove some confusion and allow a user to know the real
site being communicated with. Alternatively a popup should alert the user
that potential spoofing is being used.
Another request, ALL https windows should be non frame'd to remove
potential spoofing from going unnoticed.
--
Steve
_______________________________________________
Mozilla-security mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-security
