Fwd: Is there any reason not to enable proxy-autologin by default?

Gervase Markham gerv at mozilla.org
Mon Sep 9 20:01:18 UTC 2013


On 09/09/13 06:54, Manish Goregaokar wrote:
> Bug 646452 <https://bugzilla.mozilla.org/show_bug.cgi?id=646452>
> 
> We currently have a signon.autologin.proxy that is disabled by default.
> When enabled, if a proxy needs a password and that password is saved,
> Firefox will attempt to authenticate without prompting (and prompt if
> there is a failure).
> 
> Is there any reason why we shouldn't enable it by default? 

If someone spoofs your DNS and pretends to be the proxy, they can
capture your password?

Gerv




More information about the firefox-dev mailing list