Summary: Gecko will report an error when loading an unknown external protocol (by firing an NS_ERROR_UNKNOWN_PROTOCOL event). This could be a privacy threat because the behavior allows websites to enumerate external protocols of users’ platforms, which is a fingerprinting issue. To address this problem, we propose to suppress the error when loading an unknown external protocol.
Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=680300 Link to standard: No formal specification for this. In the HTML standard [1], there is one small paragraph describing how to handle external protocols. However, it doesn’t define what we should do for unknown external protocols. Platform coverage: All platforms Estimated or target release: Firefox 63 Preference behind which this will be implemented: None Is this feature enabled by default in sandboxed iframes? Yes If allowed, does it preserve the current invariants in terms of what sandboxed iframes can do? I believe so. DevTools bug: None Do other browser engines implement this? I tested and verified on Chrome, Edge, and Safari. None of them would report errors when loading unknown external protocols. Tests: We will add a Mochitest test for this. [1] https://html.spec.whatwg.org/multipage/browsing-the-web.html#hand-off-to-external-software -- Tim Huang Mozilla _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
