Bug 317819 - disable more javascript/DOM abilities, plugins in mail
Status: RESOLVED FIXED
Keywords: fixed1.8
Product: SeaMonkey
Classification: Client Software
Component: UI Design
Version: Trunk
Hardware: All All
Importance: -- normal
Target Milestone: ---
Assigned To: Andrew Schultz
Depends on: 349121
Reported: 2005-11-25 20:15 PST by Andrew Schultz
Modified: 2008-07-31 04:22 PDT


Attachments
patch (1.67 KB, patch) - 2005-11-25 20:26 PST, Andrew Schultz - iann_bugzilla: review+; neil: superreview+
just patch browser-prefs.js (890 bytes, patch) - 2005-11-29 20:16 PST, Andrew Schultz - no flags
like so? (1.72 KB, patch) - 2005-11-30 07:18 PST, Andrew Schultz - neil: review+; neil: superreview+
patch for branch (2.85 KB, patch) - 2005-11-30 22:51 PST, Andrew Schultz - kairo: approval-seamonkey1.0+
Make that change to the tinderbox config (1.62 KB, patch) - 2005-12-09 16:21 PST, Boris Zbarsky [:bz] - no flags
Er, _this_ is the change Chase made (1.61 KB, patch) - 2005-12-09 16:22 PST, Boris Zbarsky [:bz] - dbaron: review+

Description Andrew Schultz 2005-11-25 20:15:09 PST
Among the Advanced->Scripts&Plugins prefs, only "Hide Status Bar" is disabled by default.  Most of these add nothing to the user's browsing experience and are often abused by websites and/or could be used to confuse the user and make spoofing easier.  Web applications sometimes use these abilities in a way that's appropriate, but their users can always re-enable them.

These are all already disabled in Firefox/Thunderbird.
Comment 1 Andrew Schultz 2005-11-25 20:26:58 PST
Created attachment 204195 [details] [diff] [review]
patch

disables move/resize, raise/lower, mucking with the context menu and plugins in mail.

I left change images and status bar text.  Changing images is actually useful.  I personally have changing status bar text disabled as well, but leaving it on isn't really bad and disabling it isn't all that useful because of bug 40838.
Comment 2 Andrew Schultz 2005-11-29 19:39:32 PST
fixed
Comment 3 Andrew Schultz 2005-11-29 20:13:16 PST
oops.  I guess I shouldn't be mucking with all.js when we have browser-prefs.js

Also firefox doesn't actually disable the context menu like I thought.
Comment 4 Andrew Schultz 2005-11-29 20:16:45 PST
Created attachment 204510 [details] [diff] [review]
just patch browser-prefs.js

I had timeless back out the all.js change.
Comment 5 neil@parkwaycc.co.uk 2005-11-30 04:27:57 PST
Comment on attachment 204510 [details] [diff] [review]
just patch browser-prefs.js

You don't need two blank lines, and you shouldn't tag this block on to the end, I'd rather have the #ifdefs at the end (oops: bidi.browser.ui!)
Comment 6 Andrew Schultz 2005-11-30 07:18:53 PST
Created attachment 204557 [details] [diff] [review]
like so?
Comment 7 neil@parkwaycc.co.uk 2005-11-30 08:48:46 PST
Comment on attachment 204557 [details] [diff] [review]
like so?

Thanks for moving the bidi pref too.
Comment 8 Joe Sabash [:JoeS1] 2005-11-30 17:46:19 PST
I know at least a dozen folks that have switched to seamonkey specifically for plugin capability, not in Mail necessarily, but in Newsgroups.
Am I correct in assuming that, since this checkin,
http://bonsai.mozilla.org/cvsview2.cgi?diff_mode=context&whitespace_mode=show&root=/cvsroot&subdir=mozilla/mailnews&command=DIFF_FRAMESET&root=/cvsroot&file=mailnews.js&rev1=3.256&rev2=3.257
the plugin pref will have to be over-ridden again?
Crescendo (although not currently supported) works quite well either with remote source embeds or javascript embeds to an inline src.
Comment 9 Andrew Schultz 2005-11-30 22:43:25 PST
Yes, you'll need to override the pref.  The pref shows up in the pref window under advanced->scripts&plugins.

The vast majority of users shouldn't have this pref enabled.  It allows attackers to send you mail with java/flash/etc embedded objects that attempt to steal personal info or at least confuse users into sending their info.  Plugins also have security holes.

Mail is a much easier attack vector since attackers can send the mail to victims and they are almost guaranteed to at least open it (compared with depending on victims to visit their website).

All of that goes double for exactly the type of people who would be least likely to find, understand and change the pref.
Comment 10 Andrew Schultz 2005-11-30 22:51:07 PST
Created attachment 204647 [details] [diff] [review]
patch for branch

I think we want this for beta.  I'll pretend that 1.8.0.1 = SM1.0b
Comment 11 Boris Zbarsky [:bz] 2005-12-01 12:19:01 PST
I've backed out the move/resize part of this patch on trunk pending the luna tinderbox being tweaked to deal with it -- the DHTML perf test needs to be able to maximize the window.
Comment 12 Ian Neal 2005-12-09 15:17:03 PST
Comment on attachment 204647 [details] [diff] [review]
patch for branch

Does the branch have similar issues to trunk wrt DHTML perf tests?
Comment 13 Robert Kaiser 2005-12-09 15:21:29 PST
Comment on attachment 204647 [details] [diff] [review]
patch for branch

hmm, I'm actually not glad with breaking Tdhtml tests by default as we have them running on our branch tinderboxen... The rest looks fine to me for branch though...
Comment 14 Robert Kaiser 2005-12-09 15:35:54 PST
Comment on attachment 204647 [details] [diff] [review]
patch for branch

hmm, I'm actually not glad with breaking Tdhtml tests by default as we have them running on our branch tinderboxen... The rest looks fine to me for branch though...
Comment 15 Boris Zbarsky [:bz] 2005-12-09 16:01:12 PST
I'm not really looking at branch Tdhtml, so I'm ok with this happening on branch.  There should be no changes there that affect Tdhtml anyway.  ;)
Comment 16 Andrew Schultz 2005-12-09 16:08:32 PST
> hmm, I'm actually not glad with breaking Tdhtml tests by default as we have
> them running on our branch tinderboxen...

We can still see regressions, the baseline will just be too low.

or you can fix it on the server:
add
set_pref($pref_file, 'dom.disable_window_flip', 'false');
here:
http://lxr.mozilla.org/mozilla/source/tools/tinderbox/build-seamonkey-util.pl#1742
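A small audit script for the prefs this bug turns off (move/resize, raise/lower, context menu scripting, plugins in mail), added here as an example and not part of the bug or the SeaMonkey tree. It parses a Mozilla-style prefs file and reports which hardening prefs are missing or left at the permissive value; only dom.disable_window_flip is named in the bug, the other pref names are assumptions taken from the Mozilla pref namespace, and the input fragment is constructed.

```python
import re

# Hardened values for the prefs this bug discusses. dom.disable_window_flip is
# named in comment 16; the other three names are assumptions (Mozilla pref
# namespace), not quoted from the bug.
HARDENED = {
    "dom.disable_window_move_resize": True,           # move/resize
    "dom.disable_window_flip": True,                  # raise/lower
    "dom.event.contextmenu.enabled": False,           # scripts touching the context menu
    "mailnews.message_display.allow_plugins": False,  # plugins in mail
}

# Matches pref("name", value); or user_pref("name", value);
PREF_RE = re.compile(r'^\s*(?:user_)?pref\("([^"]+)",\s*(true|false|-?\d+|"[^"]*")\);')

def parse_prefs(text):
    """Return {name: value} from a prefs file, skipping comments and #ifdef lines."""
    prefs = {}
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith(("//", "#")):
            continue
        m = PREF_RE.match(line)
        if not m:
            continue
        name, raw = m.groups()
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif raw.startswith('"'):
            prefs[name] = raw[1:-1]
        else:
            prefs[name] = int(raw)
    return prefs

def audit(text):
    """List (pref, found_value) for every hardening pref not at its hardened value.
    A pref that is not set at all is reported as None, since the built-in default
    from all.js would then apply and should be checked explicitly."""
    prefs = parse_prefs(text)
    return [(name, prefs.get(name)) for name, want in HARDENED.items()
            if prefs.get(name) != want]

# Constructed sample in browser-prefs.js style; not the real file.
SAMPLE = '''// constructed sample fragment
pref("dom.disable_window_move_resize", true);
pref("dom.disable_window_flip", false);
pref("dom.event.contextmenu.enabled", true);
#ifdef XP_UNIX
pref("bidi.browser.ui", true);
#endif
'''

if __name__ == "__main__":
    for name, got in audit(SAMPLE):
        print(f"{name}: found {got!r}, expected {HARDENED[name]!r}")
```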
Comment 17 Ian Neal 2005-12-09 16:11:08 PST
Comment on attachment 204647 [details] [diff] [review]
patch for branch

ok, a=me as long as we get the set_pref change made for branch
Comment 18 Boris Zbarsky [:bz] 2005-12-09 16:21:02 PST
Created attachment 205436 [details] [diff] [review]
Make that change to the tinderbox config

Chase just made this change on luna; I've relanded on trunk the part of the patch for this bug that I had backed out.
Comment 19 Boris Zbarsky [:bz] 2005-12-09 16:22:24 PST
Created attachment 205437 [details] [diff] [review]
Er, _this_ is the change Chase made
Comment 20 Robert Kaiser 2005-12-10 07:15:49 PST
Comment on attachment 204647 [details] [diff] [review]
patch for branch

ok, get it in - my branch tinderboxen have the fix now - we should still try to get it into tinderbox tree though
Comment 21 David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch) 2005-12-13 23:29:21 PST
Comment on attachment 205437 [details] [diff] [review]
Er, _this_ is the change Chase made

I checked this in to the trunk.