Skip to main content

Search and Top Navigation

#15259 closed bug (notabug)

Opened December 12, 2017 10:14PM UTC

Closed October 25, 2018 01:41PM UTC

Downloads are vulnerable to a MITM attack

Reported by: jaredbeck Owned by:
Priority: minor Milestone: none
Component: ui.core Version: 1.12.1
Keywords: Cc:
Blocked by: Blocking:
Description

Observed behavior:

Requests to http://jqueryui.com succeed

Suggested behavior:

Requests to http://jqueryui.com should redirect to https://jqueryui.com

Security implications:

If this is not fixed, users will perform downloads using insecure HTTP, and will be subject to MITM attacks via DNS or via privileged network position.

Attachments (0)
Change History (1)

Changed October 25, 2018 01:41PM UTC by scottgonzalez comment:1

resolution: → notabug
status: newclosed

Please report web site bugs at https://github.com/jquery/jqueryui.com/issues