|
|
BugTraq
Fwd: New possible scam method : forged websites using XUL (Firefox) Jul 30 2004 09:05PM David Ahmad (da securityfocus com) (1 replies) Re: New possible scam method : forged websites using XUL (Firefox) Jul 31 2004 11:15AM Marc (md nomensa com) (3 replies) RE: New possible scam method : forged websites using XUL (Firefox) Aug 02 2004 01:02PM Thomas T. Evans, III (ttevans hawkcorp net) Re: New possible scam method : forged websites using XUL (Firefox) Aug 02 2004 09:59AM Peter J. Holzer (hjp wsr ac at) (1 replies) Re: New possible scam method : forged websites using XUL (Firefox) Aug 01 2004 07:43PM Nicholas Knight (nknight runawaynet com) (1 replies) Re: New possible scam method : forged websites using XUL (Firefox) Aug 02 2004 07:15PM Marc (md nomensa com) |
|
Privacy Statement |
> * add a UI to the "allow javascript only from trusted sites" feature.
> (few people know that mozilla can do that, and even for those, editing
> user.js is tedious).
More on the lines of "few people know that Mozilla can do that":
Daniel Veditz wrote in
<URL:http://bugzilla.mozilla.org/show_bug.cgi?id=22183#c97>:
| Or we could just force the location bar to be on using the existing
| pref, but obviously there must be some reluctance to that or it'd be
| done already.
So I started to look for the "existing pref", and sure enough, if you
write
user_pref("dom.disable_window_open_feature.location", true);
in your prefs.js, the spoof looks much less convincing.
(You can also set this preference via "about:config".)
hp
--
_ | Peter J. Holzer | Shooting the users in the foot is bad.
|_|_) | Sysadmin WSR / LUGA | Giving them a gun isn't.
| | | hjp (at) wsr.ac (dot) at [email concealed] | -- Gordon Schumacher,
__/ | http://www.hjp.at/ | mozilla bug #84128
[ reply ]