That addon just replaces the header of "content-disposition: attachment" to "content-disposition: inline". Despite the name "inline", any file types that are not handled by Firefox will be downloaded and opened. And it will actually respect "do this automatically" flag.
As you may already see (and mentioned by plenty of people above), this means that if a site really wants to do malicious things (by auto opening certain files), it can do already: just use "content- disposition: inline" as response header. So in my opinion, disallowing "do this automatically" for "content- disposition: attachment" *only* is pointless even from a security perspective. And of course, such addon will have side effect for file-types that can be opened both inline and or as attachment/download (like images that are supposed to be downloaded will now be opened in Firefox). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1065126 Title: "Always do this from now on" does not work To manage notifications about this bug go to: https://bugs.launchpad.net/firefox/+bug/1065126/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
