Closed
Bug 1128622
Opened 11 years ago
Closed 4 years ago
Add "tell me when it's safe" option for vulnerable click-to-play plugins
Categories
(Core Graveyard :: Plug-ins, enhancement, P3)
Core Graveyard
Plug-ins
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: jruderman, Unassigned)
Details
(Keywords: sec-want)
Firefox should offer to reopen the page for me once an update is available for the plugin. This gives me an option that's both safe and not too much of a hassle.
This would be perfect for Java today, and make it more feasible for us to temporarily CtP Flash during its next 0-day.
|
||
Comment 1•11 years ago
|
||
How would this work in practice? We'd build a list and days later pop a bunch of tabs on a user? Sounds a bit confusing.
|
||
Comment 2•11 years ago
|
||
IMHO, we would also want to be careful about the wording here. Arguably, declaring particular plugins as "safe" could be misleading. "Not known to be actively under attack through 0-days" doesn't equate to "safe". AFAICT, the addon manager declares plugins as up-to-date, but never as safe.
|
Reporter | |
Comment 3•11 years ago
|
||
Eh, I'm sure we can make it less confusing than GETTING PWNED.
|
||
Updated•8 years ago
|
Priority: -- → P3
|
||
Comment 4•4 years ago
|
||
Resolving as wont fix, plugin support deprecated in Firefox 85.
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → WONTFIX
|
|
||
Updated•3 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•