-----BEGIN PGP SIGNED MESSAGE-----
> The "make firefox" rule uses wget to get a few files. Is this because you
> don't want to distribute signatures on Github? Ideally, it would use local
> files only.
I was referring to the HTTPS statement. I'd like to deepen this statement.
There are signatures and I also think that the GitHub clone reduce the
complexity. I agree that the latter will be the default. However HTTPS is used
both in the clone and in the process to get my public key.
> Well, it crashed my machine... I had to reboot the whole thing. It would be
> nice if it did something more graceful when presented with 20 links at the
> same time, even if it is just asking for confirmation.
Why 20? Why not 10, 30 or other numbers? However to avoid DOS attacks, very
plausible, is useful to have a maximum requests per second. When this limit is
reached the extension blocks other request and warns the user. This is a vital
> Also, I think your tool could be quite useful for several different use
> cases. Perhaps it's better to have the default configuration being
> unobtrusive, but allow the user to switch on more defenses if they like.
I think that the opposite is better. *The user* sets as default "Open here
mode" (not secure), and then, trough Quick Settings, it could switch to
"redirection mode". Quick Settings has to be very flexible.
More secure default, is better.. I repeat: the extension did its job.
However why do you not whitelist these (20+) URLs (or related domains), if you
consider them trustworthy?
> (I think this idea needs a bit more thought!)
I agree. It's something not, principally, related to this extension. I'm also
waiting to try the stable 4.0.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
You received this message because you are subscribed to the Google Groups
To unsubscribe from this group and stop receiving emails from it, send an email
To post to this group, send email to email@example.com.
To view this discussion on the web visit
For more options, visit https://groups.google.com/d/optout.