Open
Bug 1306351
Opened 8 years ago
Updated 2 years ago
Add a way to mark downloads as started by the user
Categories
(Firefox :: File Handling, defect, P3)
Firefox
File Handling
Tracking
()
NEW
People
(Reporter: Paolo, Unassigned)
References
(Blocks 2 open bugs)
Details
We should add a way to detect if a download was triggered as a result of a top-level load triggered in turn by user interaction. We'll use this for the protection from sites that try to download multiple files automatically. We may need to add platform support in the form of load flags if none is present already.
Comment 2•7 years ago
|
||
I wonder if we could hook into the "temporary permissions" mechanism for this, which does kind of the same thing already. Temporary permissions are cleared until the user navigates away from the page or reloads it, which is kind of what we want for this, too (and it might be even more sensible to apply download protection to the entire tab instead of origin to protect against a.example.com, b.example.com type redirection attacks).
https://searchfox.org/mozilla-central/search?q=cleartemporarypermissions&case=false®exp=false&path=
That would require no load flag.
Comment 3•7 years ago
|
||
(In reply to Johann Hofmann [:johannh] from comment #2)
> cleared until the user navigates away from the page or reloads it, which is
Meant to say "cleared when the user navigates away..."
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•