[Bug 391385] New: Illegal html in the login page when there' s a phishing attempt
https://bugzilla.novell.com/show_bug.cgi?id=391385 Summary: Illegal html in the login page when there's a phishing attempt Product: openSUSE.org Version: unspecified Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: BuildService AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: vuntz@novell.com QAContact: adrian@novell.com Found By: --- I'm pretty sure it's not the right component to report this, but I don't know what is the right one :/ A friend of mine tried to log in the build service and for some reason, he had a warning about a potential warning about a phishing attempt (he can't reproduce, so he probably clicked on a link from somewhere, don't know). Anyway, the problem is that this message looked broken. It seems it's conveyed within another HTML tag and the quote in color="red" aren't escaped. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=391385
Cyril Hrubis
https://bugzilla.novell.com/show_bug.cgi?id=391385
User adrian@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=391385#c1
Adrian Schröter
https://bugzilla.novell.com/show_bug.cgi?id=391385
User vuntz@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=391385#c2
--- Comment #2 from Vincent Untz
When there is really a phishing attempt, than this code does not come from our servers.
Please try to reproduce the error and we can check if it is our problem or someone in between tries to trick you. The SSL certificates should protect you from this.
I can't reproduce the error and I have no idea how to reproduce, but I guess it just happened because of the public wireless (it might have needed some authentication at some point so the user got redirected from a wireless portal to the login page, or something like this). And really the bug is not about "there can be some phishing happening" (yes, the SSL certificates can help) but about the HTML error there that looks pretty bad. Isn't it possible to know where this error comes from and look at what it returns? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com