Any person who modded this up needs a refresher in basic application security. The ability to iframe in a page allows for attacks like clickjacking.
When exactly did firefox's proxy settings SSH to anything? Your story has a few holes man.
Too much of everything is just enough. -- Bob Wier