1 |
On 2017-01-07 23:27, Floyd Anderson wrote: |
2 |
|
3 |
if ( |
4 |
dnsDomainIs(host, '.your-bank.com') |
5 |
// || dnsDomainIs(host, 'addons.cdn.mozilla.net') |
6 |
// || dnsDomainIs(host, 'addons.mozilla.org') |
7 |
) { return 'DIRECT'; } |
8 |
|
9 |
// Redirect all other requests through localhost which should always |
10 |
// fail due no listen server. |
11 |
return 'PROXY 127.0.0.1:65535'; |
12 |
} |
13 |
|
14 |
What if the bank website uses bazillions of random CDN domains? |
15 |
|
16 |
That is really the number one problem I have trying to browse securely |
17 |
now, in any context. I can have many safeguards based on the URL domain |
18 |
but once they go Web 2.0, I'm stuck. |
19 |
|
20 |
-- |
21 |
Please *no* private Cc: on mailing lists and newsgroups |
22 |
Personal signed mail: please _encrypt_ and sign |
23 |
Don't clear-text sign: http://cr.yp.to/smtp/8bitmime.html |