![]() ![]() (I replaced the actual URL of the authentication gateway with stars.)Ĭurrently, the BlueCoat people refuse to fix their proxy, so the only way we found to deal with this is to revert the patch for bug#479880, making the browser vulnerable to CVE-2009-1836 again.Īctually it could be argued that the proxy is actually *exploiting* CVE-2009-1836 in a creative way. However our BlueCoat proxy does much worse: When you issue a CONNECT command, they will reply with a redirection to a page that does the authentication.īug#491818 was already reported and fixed, which means that proxies replying with a 302 found page are correctly handled. As comment #75 of said bug explains, it breaks the behavior of some (arguably broken) proxies. ![]() This happens since the fix for bug#479880. Xulrunner-based browsers fail to connect through some proxies with very ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |