Mozilla Announces Firefox 4.0 Design Mockup, URL Spoofing Vulnerability
Article by George Norman
On 29 Jul 2009
The Mozilla Foundation teases and annoys the Firefox user this week. It teases the user by making a mockup of Firefox 4.0 available to the public – this after a theme mockup of the upcoming Firefox 3.7 was announced a short while ago (here’s how you can get your Firefox browser to look like that theme mockup). Then it annoys the user by announcing a new security hole in the browser it developed: a URL bar spoofing vulnerability that affects all versions of Firefox.

Starting with the Firefox 4.0 mock-up, two versions have been proposed: one with tabs on bottom (version A – image below) and one with tabs on top (version B – image below as well). The later option comes with some upsides: it saves vertical space, it is more efficient as it removes visual complexity, and there’s a shorter mouse distance to Page Controls. On the downside it breaks consistency (existing users are familiar with the current design and like this familiarity with the browser), tab titles are missing, there’s a longer mouse distance to tabs, some space is needlessly lost.


It has also been proposed to blend together the Stop, Refresh and Go buttons. This Stop/Refresh/Go Button would turn green when you start typing, will blend with the location bar when not in use, will turn blue when you hover over it, and will turn red when a page loads. Check out the images below.

Moving on, the Mozilla Security team announced that a URL spoofing security vulnerability affecting all current versions of the Firefox browser has been discovered – the credit for discovering this security hole goes to Juan Pablo Lopez Yacubian. The only workaround that you can employ is to share confidential info only with websites that you opened from a bookmark, a trusted source, or sites that you accessed by typing in the URL yourself.

Official word from Mozilla: “The URL in the address bar can be spoofed when a new window or tab is opened by a malicious web page. If a user visits a page hosting this malicious code, a new window or tab can be opened with a faked URL. There is no way of determining if the URL is authentic. This could result in the user disclosing confidential information to the malicious site, known as a phishing attack. This vulnerability is known to affect all current versions of Firefox. Mozilla is actively working on fixing this vulnerability.”

Version A

Version B

Stop/Refresh/Go Button

Tags: Mozilla, Firefox, Firefox 4.0 mockup, Security, URL spoofing
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Mozilla Announces Firefox 4.0 Design Mockup, URL Spoofing Vulnerability
HTML Linking Code