http://bugs.winehq.org/show_bug.cgi?id=26203 --- Comment #4 from Juan Lang <juan_lang(a)yahoo.com> 2011-02-23 10:12:17 CST --- I just checked a wireshark capture of Firefox connecting both to http://gmail.com and https://gmail.com. In the former case, the browser is redirected to https://mail.google.com/mail. In the latter case, I surmise the browser is being redirected, because I see: DNS query gmail.com TLS connection to gmail.com DNS query mail.google.com TLS connection mail.google.com In the first TLS connection, to gmail.com, the server presents a certificate with CN=gmail.com, the browser is able to verify the certificate before handling the redirect. Curiously, no verification for this certificate appears in our logs, which appears to be a vulnerability. In any event, my money's on the redirection handling being the source of the problem. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.