resource: traversal vulnerabilities — Mozilla

Mozilla developer Boris Zbarsky reported that the resource: protocol allowed directory traversal on Linux when using URL-encoded slashes...