Opened 5 years ago
Closed 5 years ago
#15259 closed bug (notabug)
Downloads are vulnerable to a MITM attack
Reported by: | Jared Beck | Owned by: | |
---|---|---|---|
Priority: | minor | Milestone: | none |
Component: | ui.core | Version: | 1.12.1 |
Keywords: | Cc: | ||
Blocked by: | Blocking: |
Description
Observed behavior:
Requests to http://jqueryui.com succeed
Suggested behavior:
Requests to http://jqueryui.com should redirect to https://jqueryui.com
Security implications:
If this is not fixed, users will perform downloads using insecure HTTP, and will be subject to MITM attacks via DNS or via privileged network position.
Note: See
TracTickets for help on using
tickets.
Please report web site bugs at https://github.com/jquery/jqueryui.com/issues