Now that viewsource is handled very well by the security manager (bug 82495), there is no need for a special-case. Will attach a patch to clean up.
Comment on attachment 58072 [details] [diff] [review] patch to clean, ready for r/sr sr=jst
Um.. if I read the patch in bug 82495 correctly, then view-source:http://foo will end up having the same permissions as http://foo, no? And then it won't be able to load a stylesheet from resource:// Or am I missing something?
I am not sure about all the intricacies in the security wolrd but I tested the patch and it worked. Give a try at your end to see how it goes.
Comment on attachment 58072 [details] [diff] [review] patch to clean, ready for r/sr r=bzbarsky. works fine, less code == good.