Boris Zbarsky wrote: > Should random web pages be able to access the following protocols? > > feed:
Well... we should really treat this just like a plain HTTP link, in Firefox. In tbird, the UI should be something like "do you want to subscribe to..." So, what does "access" mean? > For that matter, if you have implemented a protocol handler that is NOT > currently in the list of protocols nsScriptSecurityManager::CheckLoadURI > knows about and you want web pages to be able to access it, please let > me know ASAP. For what purpose? to be added to a hardcoded list, or are we going to give protocol handlers the ability to define a custom security model? --BDS _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
