Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Isn't that sort of a feature? Customizable HTTP auth dialogs are a security liability, as they blur the line between content and browser.


Yes and no. There is some part of it which helps to identify where you are connecting to. Meanwhile those dialogs aren't modal anymore, which allows access to https certificate info, but it is still complicated to provide trust for average users.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: