On Fri, 2015-06-12 at 11:19 -0700, Andrew Lutomirski wrote: > It wouldn't really have to be Firefox, but getting the browser chrome > right to avoid trivial phishing attacks is critical, and all real > browsers already do that fairly well, whereas the simple embedded web > views (e.g. gnome-shell-portal-helper) get it nearly 100% wrong. Hi, it sounds like we have a problem to fix in gnome-shell-portal -helper. What specifically are your requirements for the browser chrome? I figure as long as the window title is something along the lines of "Connect to wireless network" and the hotspot can't change that, then we should be good? We could also put a short explanation of what is going on in a GtkInfoBar to make it really stand out. I guess the goal is to make the chrome distinctive enough that a user stops to think "something is not right, don't enter password" when the captive portal helper appears and displays google.com. FWIW the tech used for GNOME apps that need a web view is WebKitGTK+. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
