I've delayed too long on this - we need to clean up CheckLoadURI. For starters, protocol handlers should be able to advertise their security requirements, rather than hardcoding them in ScriptSecurityManager. Secondly, I want to try to relax the local file loading restriction if we can do it without opening any holes. This will be a metabug for tracking CheckLoadURI related issues.
Status: NEW → ASSIGNED
OS: Windows 2000 → All
Hardware: PC → All
Target Milestone: --- → mozilla1.4beta
bug 165799 needs to be fixed before you relax file: URL restrictions.
Target Milestone: mozilla1.4beta → ---
Assignee: security-bugs → dveditz
Status: ASSIGNED → NEW
QA Contact: bsharma → toolkit
You need to log in before you can comment on or make changes to this bug.