Mozilla
Menu
  • About Mozilla
  • Products
  • Give
  • Discover Firefox

Attack & Defense (Archive)

This blog has moved to https://attackanddefense.dev/

  • Explore

Insights into HTTPS-Only Mode

Christoph Kerschbaumer, Julian Gaibler, Arthur Edelstein and Thyla van der Merwe
March 10, 2021

  In a recent academic publication titled HTTPS-Only: Upgrading all connections to https in Web Browsers (to appear at MadWeb – Measurements, Attacks, and Defenses for the Web) we present … Read more

About Attack & Defense

The Attack & Defense blog is targeted directly at security researchers who are interested in new developments in Mozilla’s Bug Bounty, and guides, tips, and tricks for finding bugs in Firefox.

Recent Posts

  • IPC Fuzzing with Snapshots June 24, 2024
  • WebAssembly and Back Again: Fine-Grained Sandboxing in Firefox 95 December 6, 2021
  • Finding and Fixing DOM-based XSS with Static Analysis November 3, 2021
  • Implementing form filling and accessibility in the Firefox PDF viewer October 14, 2021
  • Fixing a Security Bug by Changing a Function Signature September 29, 2021

Stay in touch

  • Follow us on Twitter
  • Subscribe to our RSS Feed

Keep up with
all things Firefox.

We will only send you Mozilla-related information.

Thanks!

If you haven’t previously confirmed a subscription to a Mozilla-related newsletter you may have to do so. Please check your inbox or your spam filter for an e-mail from us.

Mozilla
Mozilla
  • About
  • Contact Us
  • Donate
    • Twitter (@mozilla)
    • Instagram (@mozillagram)
Firefox
  • Download Firefox
  • Desktop
  • Mobile
  • Features
  • Beta, Nightly, Developer Edition
    • Twitter (@firefox)
    • YouTube (firefoxchannel)
  • Website Privacy Notice
  • Cookies
  • Legal

Visit Mozilla Corporation’s not-for-profit parent, the Mozilla Foundation.

Portions of this content are ©1998-2025 by individual contributors. Content available under a Creative Commons license.