[Pidgin] #15467: Unsecure HTTP traffic with Yahoo! protocol
Pidgin
trac at pidgin.im
Wed Jan 23 22:50:48 EST 2013
#15467: Unsecure HTTP traffic with Yahoo! protocol
--------------------+----------------------------------
Reporter: ov1d1u | Owner: sulabh.dev
Type: defect | Status: new
Milestone: | Component: Yahoo!/Yahoo! JAPAN
Version: 2.10.6 | Resolution:
Keywords: |
--------------------+----------------------------------
Comment (by datallah):
It looks like this is the nature of the current state of the Yahoo
protocol.
The latest version of the native client also sends the session cookies
over various unencrypted HTTP connections during normal operation.
I looked at a few of the cases where this happens and those services are
not available to access securely (at least not at the equivalent https
URLs).
FWIW, the password is actually sent over a secure connection during the
login process.
There doesn't appear to be anything to be done about this from our end at
the moment.
--
Ticket URL: <https://developer.pidgin.im/ticket/15467#comment:1>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list