Jon Hall wrote:
>
> I hadn't come across this yet, but I would have eventually. This is
> really stupid if you ask me. I hope they remove this and fix the actual
> problem.
>
Place your bets gentlemen, when will the Maozilla Politburo fix an
actual problem?
> jon
>
> Carlfish wrote:
>
> > On Sun, 01 Jul 2001 03:31:03 GMT, William Herrera
> > <[EMAIL PROTECTED]> somehow managed to type:
> >
> >>Why when using port 1080 as an alternative for http access does Mozilla 0.9.x
> >>refuse to do the socket, saying:
> >>
> >>Access to the port number given has been disabled for security reasons.
> >>
> >
> > Certain ports are inaccessable from Mozilla because of exploits involving
> > a specially crafted URL redirection that could cause your browser to send
> > arbitrary commands to certain types of server. 1080 is blocked because it
> > is the default port for SOCKS proxy servers.
> >
> > IMHO, they went about this the wrong way - blocking ports is a band-aid
> > fix, the correct response would be to prevent Mozilla from sending
> > line-feeds to servers as part of a URL.
> >
> > There is a user pref that you can set to override this restriction, but
> > there isn't any UI for it - you have to set it manually.
> >
> > http://bugzilla.mozilla.org/show_bug.cgi?id=85601
> >
> > ------- Additional Comments From Doug T 2001-06-15 13:10 -------
> >
> > There is a prefs that allows you to do this:
> >
> > network.security.ports.banned.override
> >
> > Just add all the ports you want "freed" comma delimited
> >
> > ----
> >
> > Charles Miller
> >
