With the fix for bug 161546, when a user tries to load JS and data urls in the history sidebar or window, an alert dialog pops up saying that such urls cannot be loaded. We want to come up with a better way to do this that avoids alerts. Some suggestions are to: 1) Gray out js and data urls. 2) Don't display js and data urls in the history sidebar or window at all. Comments are welcome!
we should NOT just grey them out, think what a terrible user experience that would be - you see the URL in the history window, but you can't actually click on it. Why not? Who knows, ts just greyed out! There's no feedback to the user. My suggestion is that instead of fixing this bug that we come up with a way to actually run the urls in their own context, much like we do with bookmarks and the url bar.. they aren't security risks, right? so why are we treating history as some special thing? my suggestion is to WONTFIX this.
nisheeth, can you set the target milestone on this one? thx
Setting target milestone to 1.5 alpha...
Status: NEW → ASSIGNED
Target Milestone: --- → mozilla1.5alpha
Target Milestone: mozilla1.5alpha → mozilla1.5beta
This bug doesn't need to be hidden anymore because the security hole it refers to was fixed a long time ago.
Assignee: nisheeth_mozilla → nobody
Status: ASSIGNED → NEW
QA Contact: chrispetersen → history.global
Component: History: Global → Bookmarks & History
Product: Core → Firefox
Target Milestone: mozilla1.5beta → ---
You need to log in before you can comment on or make changes to this bug.