Closed Bug 156734 Opened 19 years ago Closed 12 years ago

embed objects not shown in page info preview

Categories

(SeaMonkey :: Page Info, enhancement)

enhancement
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: jmd, Assigned: philip.chee)

References

()

Details

http://www.cmp-lab.or.jp/technical/image/iformat/png/sample.html

source:

<embed SRC="ayaka.png" WIDTH=392 HEIGHT=327 ALT="ayaka.png (14k)"><br>

page info shows the other two images in <img> tags, but this one has no full
path, and just shows a broken image icon.

cvs moz linux.
cursed relative paths
http://lxr.mozilla.org/seamonkey/source/xpfe/browser/resources/content/pageInfo.js#808

looks like we've disabled <embed> and <object> preview in page info (something
about java, crashes, security holes, etc, iirc).  Bug 149777 has some of the
nifty details; in particular, the patch there (bug 149777, comment 14) does:

  4) When protocol is not allowed and/or element is OBJECT or EMBED, set
     the image to 'loading-image.gif' (a blank image would be better,
     but...).

So this is by-design....
*** Bug 156726 has been marked as a duplicate of this bug. ***
Same on Win.
OS: Linux → All
BTW bug 153545 is IMHO related.
It's not.  This bug arises because we no longer show preview for <embed>s in
page info due to security consideration.  Changing summary to reflect this.
Summary: relative path embed objects not shown correctly in page info → embed objects not shown in page info preview
Whiteboard: WONTFIX?
Reproduced using FizzillaCFM/2002103011. Setting All/All.

I presume we could define a set of acceptable MIME types to preview and display
some sort of security warning for the rest.
Hardware: PC → All
Product: Browser → Seamonkey
(In reply to comment #6)
> This bug arises because we no longer show preview for <embed>s in
> page info due to security consideration.  

Andrew, is this sufficient to close wontfix?
Severity: normal → minor
Even if security concerns mean we can't actually display the object, it would be nice to show something a little better than a broken-image icon....
QA Contact: pmac
This is now a one line fix. We already allow HTMLObjectElement when isProtocolAllowed is true. I am going to do this in Bug 491310.
Assignee: db48x → philip.chee
Severity: minor → enhancement
Status: NEW → ASSIGNED
Depends on: 491310
Whiteboard: WONTFIX?
Fixed by the patch in  Bug 491310 Comment 27
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.