Add gopher to registerProtocolHandler safelisted schemes
Categories
(Core :: DOM: Core & HTML, enhancement)
Tracking
()
People
(Reporter: sebdeckers83, Unassigned)
References
(Blocks 1 open bug, )
Details
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Safari/605.1.15
Steps to reproduce:
I want to register a website URL as handler for the "gopher" protocol. The "gopher" scheme is not currently whitelisted in the HTML spec.
Example:
navigator.registerProtocolHandler('gopher', 'https://gopher.commons.host/%s', 'Gopher Browser')
Actual results:
SecurityError: Navigator.registerProtocolHandler: Permission denied to add a protocol handler for gopher
Expected results:
Permission request: Add "gopher.commons.host" as an application for gopher links?
Button: [ Add Application ]
|
||
Comment 1•4 years ago
|
||
Resetting severity to default of --.
First, thank you for the love for Gopher, I was using it before HTTP was common!
I can't speak for the team handling protocol handlers, but please check with the folks working on https://addons.mozilla.org/en-US/firefox/addon/overbitewx/ and https://addons.mozilla.org/en-US/firefox/addon/ipfs-companion/.
|
||
Comment 3•4 years ago
|
||
This seems somewhat reasonable. And yeah, if we do this we should support it for both extensions and web pages.
|
||
Comment 4•4 years ago
•
|
||
(In reply to Emma Humphries, Bugmaster ☕️🎸🧞♀️✨ (she/her) [:emceeaich] (UTC-8) needinfo? me from comment #2)
First, thank you for the love for Gopher, I was using it before HTTP was common!
I can't speak for the team handling protocol handlers, but please check with the folks working on https://addons.mozilla.org/en-US/firefox/addon/overbitewx/ and https://addons.mozilla.org/en-US/firefox/addon/ipfs-companion/.
Hi, the first one is me.
gopher:// was whitelisted for WebExtensions awhile ago to be consistent with registerProtocolHandler. I'm surprised this regressed. Without the WebExtensions support OverbiteWX and OverbiteNX wouldn't even work. See bug 1385357.
|
||
Comment 5•4 years ago
|
||
Sorry for the delay in responding, Cameron.
Marking this as a regression.
The question about a protocol handler for gemini has come up as well.
|
|
||
Updated•4 years ago
|
|
||
Updated•4 years ago
|
|
|
||
Comment 6•4 years ago
•
|
||
I'm willing to do the patch, I just need to know if it would be accepted (seems it would per comment 3), and if gemini should be done at the same time. It's just a matter of adding it/them to kSafeSchemes[].
|
|
||
Comment 7•4 years ago
|
||
To be clear, this hasn't regressed; we aligned with the standard and started using a safelist in bug 1476035. https://github.com/whatwg/html/issues/5343 discusses adding this back to the standard, but there isn't much active interest there from other implementers.
|
|
||
Updated•3 years ago
|
(In reply to Anne (:annevk) from comment #3)
This seems somewhat reasonable. And yeah, if we do this we should support it for both extensions and web pages.
I agree fully... gopher, as well as gemini protocols should be supported in Firefox. To exclude those who use these protocols is not the Mozilla way. Correct? Gemini is growing and should be supported. It is secure, using modern methods to maintain private exchange of data.
Here is but one example of my case.... the "alt-web" is flourishing. https://github.com/Lex-2008/ggstproxy
Peace
|
||
Updated•2 years ago
|
Description
•