Summary: mozilla.dev.security - September 30, 2006 to October 6, 2006

Return to mozilla-dev-tech-xul


None during this week.


Protocol Handlers

Boris Zbarsky posed the question, Should random webpages have access to the following protocols: feed, pcast, moz-bookmark, webcal, swebcal. As well as any protocols that you have implemented and are NOT in the list of protocols nsScriptSecurityManager::CheckLoadURI


Consensus is that it should be allowed and treated as an ordinary link.


Similar to feed: just differentiating between different types of feeds and should be allowed access.


Protocol is defunct, apparently Ben Goodger disabled it back in 12/2003, shortly after he added it.

webcal: & swebcal:

Should also be allowed as the security manager doesn't differentiate between access types.


This is for allowing protocol handlers to define a custom security model (see bug 120373). There is no consensus in the posts as to if this should be allowed.

Problem Looping C_OpenSession Problem In Thunderbird

Christian Bongiorno has run into a problem developing a PKCS11 module for a new card. Thunderbird is continuously repeating 7 functions including C_OpenSession which accesses the card that he is developing.


None during this week.