
Loading…
Download all filters over HTTPS #1220
smarek
commented
Owner
chrisaljoudi
commented
smarek
commented
Cool, thank you!
Also I think there should be some information about what the lock means, to not confuse the users.
Maybe on mouse hover over the lock?
Owner
chrisaljoudi
commented
@smarek there is. Did you try hovering the lock? :D
ghost
commented
Edit: n/m misunderstood what the symbol represents
gwarser
commented
I think this behavior should be inverted - show lock with warning sign (or behind no/slash sign) for not secure links. Secure links should be seen as standard, without special meaning.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
thank you for this very good extension.
I noticed, some of the filters are not downloaded over HTTPS, which could be easily intercepted and could be used in fuzzing attack against extension/client/browser and/or could be replaced MITM with invalid/empty list.
Could you please verify and confirm that these filters, those downloaded through 80 (such as
pgl.yoyo.org,fanboy.co.nz,malwaredomainlist.comorhttp://someonewhocares.org/) are somehow verified through transmission/usage? If not, could you please make change to extension, that would disallow globally downloading over non-secured HTTP (or at least mark them up in extension Dashboard->3-rd party filters, as insecure) ?