firefox is vulnerable to open redirect attacks. The vulnerability exists when using the Performance API which allows an attacker to notice subtle differences between PerformanceEntries
and thus learn whether the target URL had been subject to a redirect.