This bug is reported as the issue in the module review and jrgm asked me to make a bug out of it.
Search, and limit loading to same host.
Target Milestone: --- → mozilla1.4beta
Nav triage team: nsbeta1+/adt2
Keywords: nsbeta1 → nsbeta1+
Whiteboard: [sg:investigation] → [adt2][sg:investigation]
Chris will try to get this for 1.4final, reassigning.
Assignee: jaggernaut → caillon
Target Milestone: mozilla1.4beta → mozilla1.4final
<xul:image src="file://foo"/> from remote xul seems to work. (same if you use a chrome: uri)
xul:image we are not very concerned about at this point, unless it can cause bad side effects. The reason is that HTML img and input src has no checks either and these are public bugs. A thing to fix, but no need to be security sensitive. So any side effects, like if you use data or JS url or the file is not image (like if it is plugin or JS or something)? Anything else?
Component: XP Toolkit/Widgets: XUL → XUL
QA Contact: shrir → xptoolkit.widgets
Content XUL is gone.
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.