Bugtraq: Re: New possible scam method : forged websites using XUL (Firefox)

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: New possible scam method : forged websites using XUL (Firefox)

From: Kim Scarborough <kjs () uchicago edu>
Date: Tue, 03 Aug 2004 13:13:42 -0500

So I started to look for the "existing pref", and sure enough, if you
write

user_pref("dom.disable_window_open_feature.location", true);

in your prefs.js, the spoof looks much less convincing.


Small point: editing prefs.js is deprecated. That should go in user.js instead.

--
----------------------------------------------------------------------------
Kim Scarborough                                  Web Systems Administrator
University of Chicago/NSIT                       (773) 834-7740
----------------------------------------------------------------------------
Now listening to: Johnny Cash - "Would You Lay with Me (In a Field of Stone)"
----------------------------------------------------------------------------

By Date By Thread

Current thread:

RE: New possible scam method : forged websites using XUL (Firefox) Thomas T. Evans, III (Aug 02)
- <Possible follow-ups>
- Re: New possible scam method : forged websites using XUL (Firefox) Peter J. Holzer (Aug 02)
  - Re: New possible scam method : forged websites using XUL (Firefox) Peter J. Holzer (Aug 03)
    - Re: New possible scam method : forged websites using XUL (Firefox) Kim Scarborough (Aug 03)
    - Re: New possible scam method : forged websites using XUL (Firefox) Michael Reilly (Aug 03)
- Re: New possible scam method : forged websites using XUL (Firefox) Nicholas Knight (Aug 02)
  - Re: New possible scam method : forged websites using XUL (Firefox) Marc (Aug 02)