I'd like to propose a new protocol handler flag: URI_HAS_NO_SECURITY_CONTEXT
to be used by protocols whose URI does not carry any inherent security context and should instead "inherit" some sort of context. Specific examples are: data:, javascript:, external protocol handler.
This would allow me to remove a bunch of hardcoded checks for data: and javascript:, as well as fix bug 334407 in a sane way.
Thoughts? -Boris _______________________________________________ dev-tech-network mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-network
