To try the thousands of add-ons available here, download Mozilla Firefox, a fast, free way to surf the Web!Close
Welcome to Firefox Add-ons.
Choose from thousands of extra features and styles to make Firefox your own.Close
clearHTTPStatus 126.96.36.199-signed.1-signed Requires Restart
Prevents abusing of HTTP status code.
1. It works in the background and does not need any user interaction.
2. Prevents a malicious site from performing a cross-domain discovery of the sites current user logged in.
About this Add-on
For example, HTML SCRIPT tag fires "onload" event if HTTP response from a victim server contains a 200 HTTP status code. And fires "onerror" event if the HTTP response from victim server contains one of 403, 404, 406 or 500 HTTP status code.
This attack was discovered by Mike Cardwell.
Above link provides good explanation of HTTP status code abuse with the help of examples.
The sole aim of this extension is to prevent an HTTP status code abuse to protect a user privacy. This extension works in background and does its job. It doesn't need any user interaction.
Status bar icon settings (hide/show) are preserved on close and reopen of Firefox.
This add-on is not compatible with your version of Firefox because of the following: