Universal Firefox Attack Through http Manipulation - And Wont Fix!!

Firefox has non-encrypted http requests done through of network.captive-portal-serivce which allow Mitm and ISP manipulation of the connection leading to malicious attack.

The attack reported on 2 different tickets:

  • MITM Attack:
  • Malicious ISP http Manipulation Attack:

And if you read their comments , they prefer convenient over security. So in this case as a user you have one choice to do which is fuck FF developers and close that by yourself by going to:


Then search for:


switch the value from true to false by double click on it.

Note: This is only effecting FF , but NOT TBB because its disabled by default there.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]