Open Bug 136782 Opened 22 years ago Updated 16 years ago

"Send Page" should not put a link for file:/// URLs into the compose frame

Categories

(SeaMonkey :: MailNews: Message Display, defect)

Product:
SeaMonkey
Component:
MailNews: Message Display
Type:
defect
Priority:
Not set
Severity:
minor

Tracking

(Not tracked)

People

(Reporter: benc, Unassigned)

References

Details

(Keywords: privacy) 

I did a dupe check in Browser and MailNews before filing this.

STEPS:

View file on your disk in browser window.
SEND PAGE

The page is read as an enclosure, but the compose window includes the URL in a link.

Expected results:
File URL's should be supressed from showing up as a link.

Two reasons:
1- File URLs were not meant to be sent from system to system, they refer to
local files:

RFC 1738 (http://www.faqs.org/rfcs/rfc1738.html) says:
   The file URL scheme is unusual in that it does not specify an
   Internet protocol or access method for such files; as such, its
   utility in network protocols between hosts is limited. 

RFC 1630 (http://www.faqs.org/rfcs/rfc1630.html) says:

 There is clearly a danger of confusion that a link made to a local
   file should be followed by someone on a different system, with
   unexpected and possibly harmful results.  Therefore, the convention
   is that even a "file" URL is provided with a host part.  This allows
   a client on another system to know that it cannot access the file
   system, or perhaps to use some other local mecahnism to access the
   file.

   The special value "localhost" is used in the host field to indicate
   that the filename should really be used on whatever host one is.
   This for example allows links to be made to files which are
   distribted on many machines, or to "your unix local password file"
   subject of course to consistency across the users of the data.

   A void host field is equivalent to "localhost".

2- The file just ain't there most of the time!

For years, people at Netscape have sent out enclosures from their local hard
disk that had that URL that points to a file that is not on my disk. I wonder
how many people have clicked on these suprious file URL's over the years...
This is also a privacy issue as you reveal your hardrive/folders name.
Status: NEW → ASSIGNED
Keywords: privacy
Target Milestone: --- → mozilla1.0.1
-> defaults, retartgeting.
Assignee: ducarroz → sspitzer
Status: ASSIGNED → NEW
Target Milestone: mozilla1.0.1 → ---
See the closely related bug 241572.
*** Bug 87835 has been marked as a duplicate of this bug. ***
Product: MailNews → Core
sorry for the spam.  making bugzilla reflect reality as I'm not working on these bugs.  filter on FOOBARCHEESE to remove these in bulk.
Assignee: sspitzer → nobody
Filter on "Nobody_NScomTLD_20080620"
QA Contact: esther → composition
This is only in MAS, if I understand the new world order correctly.
Assignee: nobody → mail
Component: MailNews: Composition → MailNews: Main Mail Window
Product: Core → Mozilla Application Suite
QA Contact: composition
Summary: Send Page should not put a link for file:/// URLs into the compose frame → "Send Page" should not put a link for file:/// URLs into the compose frame
You need to log in before you can comment on or make changes to this bug.