On 09.04.2018 15:13, Tom Schuster wrote: > Summary: All FTP subresources in HTTPs pages (this also includes blob: > etc) will be blocked. Opening FTP links as toplevel documents is still > possible. > > Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1404744 > > Platform coverage: All > Target release: Firefox 61 (this already landed, but we forgot to send > this, sorry!) > Preference behind which this will be implemented: None > Is this feature enabled by default in sandboxed iframes: Yes, enabled > everywhere > DevTools bug: None
For those who have wondered about the same. If you try loading an FTP url in an iframe, we show the following warning in the DevTools: Loading FTP subresource within http(s) page not allowed (Blocked loading of: “ftp://evil.com/”) > Do other browser engines implement this? > Chrome shipped in M62? > web-platform-tests: No > Secure contexts: n/a > _______________________________________________ > dev-platform mailing list > dev-platform@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-platform > _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform