You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Status line output: [18:37:44] show -> (0) no error message
Steps to reproduce the issue
Add items www/digitalocean.com and www/digital.mybank.com
Navigate to digital.mybank.com
Actual behaviour
"Context" in passff shows both www/digitalocean.com and www/digital.mybank.com
Expected behaviour
passff should match domains in reverse DNS order and therefore show only digital.mybank.com.
Implications
This could create a situation where a user accidentally fills a bank password into an insecure site, just because the bank has "digital" as a subdomain and the insecure site includes that word in its domain name.
Thanks for the suggestion! An option to have a stricter entry matching based on the domain only sounds reasonable and I will be happy to look into PRs in that direction.
Versions
Status line output: [18:37:44] show -> (0) no error message
Steps to reproduce the issue
Actual behaviour
"Context" in passff shows both www/digitalocean.com and www/digital.mybank.com
Expected behaviour
passff should match domains in reverse DNS order and therefore show only digital.mybank.com.
Implications
This could create a situation where a user accidentally fills a bank password into an insecure site, just because the bank has "digital" as a subdomain and the insecure site includes that word in its domain name.
Related
#519
The text was updated successfully, but these errors were encountered: