In the spring of 2014, I found a bug in several browsers, including Epiphany, Xombrero, Opera Mini and Midori. They were loading subresources, such as scripts, from HTTPS servers without doing proper certificate validation. I tracked this down to some bad defaults in webkit which have since beenfixed.

Interestingly, most mainstream browsers will silently fail to load subresources with bad certificates[1]. This means that a MitM attacker can comfortably hijack many domain names used for third party tracking scripts such as Google Analytics. If it fails, no big deal, no warning will be shown. In a vulnerable browser, you get arbitrary javascript execution in almost any page that embeds third party scripts.

Epiphany (now called web) and Opera Mini have both fixed this. Unfortunately Xombrero and Midori are still vulnerable. Xombrero seems to be dead, and I’ve gotten no response from them. I’ve been in touch with Midori, but they say they don’t have the resources to fix it, since it would require rewriting large portions of the code base in order to be able to use the fixed webkit.

There are probably other niche browsers out there with similar vulnerabilities. Since I can’t find, let alone test, all of them, this post contains a tool that can check whether your browser is vulnerable.

Click this box to start the test - if prompted to run insecure or unsafe scripts, choose “no”. If you have a browser extension that selectively allows javascript, you will need to whitelist rya.nc and all subdomains.
Your browser is being tested, please wait. This should take no more than thirty seconds.

Good news, your browser wasn’t fooled by any of the bogus certificates.

I recommend using the Qualys SSL Labs client test as well to check for any other issues with your browser’s SSL implementation.

You appear to have javascript disabled.

If you want your browser to be tested you’ll have to enable it.

There was a timeout trying to run the test. This is most likely caused by problems on my server, but it could also be a firewall.

Try the test again later.

Your browser doesn’t appear to support (Server Name Indication), which is required by this test. This should only happen on very old browsers. If you’re seeing this message in a recent browser, the cause is probably either my server having problems or your network connection being actively intercepted.

Try reloading the page.

Your browser appears to verify that the name on the server’s certificate is correct before executing javascript from it, but it doesn’t care whether the certificate is signed by a trusted authority.

If you are using a browser not mentioned in this post and are seeing this result, please contact me with the browser you are using, the version of the browser, and information about any security software (such as antivirus or content filters) on your device or network.

You should use a different browser until you’ve updated this one and confirmed it’s fixed.

Your browser appears to require certificates to be signed by a trusted authority, but it seems to be willing to run javascript from a server even if the name on the certificate is wrong.

If you are using a browser not mentioned in this post and are seeing this result, please contact me with the browser you are using, the version of the browser, and information about any security software (such as antivirus or content filters) on your device or network.

You should use a different browser until you’ve updated this one and confirmed it’s fixed.

Your browser doesn’t seem to validate that the name on a certificate is correct or that it was signed by a trusted authority before running javascript from a server.

If you are using a browser not mentioned in this post and are seeing this result, please contact me with the browser you are using, the version of the browser, and information about any security software (such as antivirus or content filters) on your device or network.

You should use a different browser until you’ve updated this one and confirmed it’s fixed.

If you enjoyed this, follow me on Twitter for my latest posts.
[1]The merits of this behaviour are debatable, but I wouldn’t change it. Alerting might notify the user of an attempted MitM attack, but the most likely case is it alerting due to misconfigurations. The result will be annoying error messages that the user quickly starts ignoring.