Cure53
The attack surface for a sandbox Iframe is also significantly larger. There you have a full blown DOM, sometimes even visible to the user (`contentEditable`, resulting drag & drop attacks...
It's probably hard to find a programmatic solution that fits all needs. What about for instance adding a check-box for the user, prior to connection, to set where the behavior...
As far as we can tell, the fingerprint is computed not just over a public key but over the entire certificate. Rather than generating lots of keys, an attacker would...
That sounds good and should make attacks on uproxy a lot harder - it would only be possible to MITM one in a few million uproxy connections that way without...
Aye, we shall ;) Thx!
@bemasc "Instead, we will have to work hard to help users understand how to use uProxy safely." I see. But - what do you mean by that? Is there any...
@tunnelshade One more example, do we know why and how this happens?
cc @tunnelshade
Interesting :D Thanks for the heads-up. I am not sure if we can do much here - looks like indeed Chrome has to fix this, no?
+1 If anyone has a smart way to solve this, I'd e more than happy to review and accept a PR.