2006-10-06

Summary: mozilla.dev.security - September 30, 2006 to October 6, 2006

Return to mozilla-dev-tech-xul

Announcements

None during this week.

Discussions

Protocol Handlers

Boris Zbarsky posed the question, Should random webpages have access to the following protocols: feed, pcast, moz-bookmark, webcal, swebcal. As well as any protocols that you have implemented and are NOT in the list of protocols nsScriptSecurityManager::CheckLoadURI

feed:

Consensus is that it should be allowed and treated as an ordinary link.

pcast:

Similar to feed: just differentiating between different types of feeds and should be allowed access.

moz-bookmark:

Protocol is defunct, apparently Ben Goodger disabled it back in 12/2003, shortly after he added it.

webcal: & swebcal:

Should also be allowed as the security manager doesn't differentiate between access types.

Other

This is for allowing protocol handlers to define a custom security model (see bug 120373). There is no consensus in the posts as to if this should be allowed.

Problem Looping C_OpenSession Problem In Thunderbird

Christian Bongiorno has run into a problem developing a PKCS11 module for a new card. Thunderbird is continuously repeating 7 functions including C_OpenSession which accesses the card that he is developing.

Meetings

None during this week.

Document Tags and Contributors

 Contributors to this page: fscholz, Jbmossop, Dria
 Last updated by: fscholz,