problem, but if you only check if it's a HTTPS connection then this attack is
possible.
+Another issue is embedded active content, like JavaScript. If the website
+includes data from a different host (e.g. a different sub-domain), for which
+tlsproxy has no certificate, then an attacker can MITM that connection and
+inject JavaScript with unknown consequences into the browser.
+
KNOWN ISSUES
------------
tlsproxy is licensed under GPL version 3 or later.
-Copyright (C) 2011-2013 Simon Ruderich
+Copyright (C) 2011-2014 Simon Ruderich
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by