Closed Bug 329755 Opened 17 years ago Closed 9 years ago
.enabled=false in thunderbird
Scott, there shouldn't be any problems with this, right?
Status: NEW → ASSIGNED
I thought we already defaulted JS to off in tbird?
Would have to be more than just the default pref since there's no UI for it, but let's see if we can swing this.
(In reply to comment #3) >...but if the user decides they want to enable js in mail, do they > need to enable both prefs, in which case, we'd need to tweak our UI, perhaps. > i heard the incorporated comrades from sun microsystems(tm)(inc) had some disagreement with the fr3nch military over active content in 00 d0cum3nts.
Attachment #235080 - Flags: review?(bienvenu) → review+
Composer is not app-mail, but it also has JS explicitly disabled. I meant, Thunderbird doesn't have any non-mail content docshells in which it expects scripts to execute, right? But extensions might be an exception to that. I don't think you could turn it on per docshell. We check a bunch of stuff (caps, docshell setting), and if any one of them says "no script" that's the end of it.
I don't know about extensions - this change worries me somewhat since we don't know if it breaks anything, and we're not giving the user any nice UI to undo it...it's a nice safety net when other things are broken, however.
We may come back and change our mind, but we think we have bug 346984 solved another way, and turning this off blocks what a legitimate extension can do. Plus, this isn't an approach we can take to secure SeaMonkey, so we do need to solve bug 346984 in another way ultimately anyway.
Status: ASSIGNED → RESOLVED
Closed: 16 years ago
Flags: blocking184.108.40.206+ → blocking220.127.116.11-
Resolution: --- → WONTFIX
Attachment #235080 - Flags: approval18.104.22.168? → approval22.214.171.124-
clearing the approval request
Flags: blocking-thunderbird2? → blocking-thunderbird2-
This might be worth doing on the trunk as an extra safety backup, and to see if any extensions actually do rely on this feature over the next year or so before a 1.9-based thunderbird is shipped.
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
i'd appreciate an example where this option breaks something not counting extensions
If we want to go with this on trunk, sooner is probably better than later...
Target Milestone: Thunderbird2.0 → ---
Though seamonkey wouldn't be able to benefit from that right? Which would seem to make this a bit pointless.
Scott was working on something related in bug 374577, not sure if that would affect a decision on this.
>Though seamonkey wouldn't be able to benefit from that right? Which would seem >to make this a bit pointless. seamonkey aside, this will decrease the number of bugs in thunderbird, regression chances are very small imo
11 years ago
(In reply to dfghjkjhg from comment #20) > Maybe I am little bit spoiled from Firefox, where such options are available > in its UI... Firefox removed theirs too. I think given how broken web pages with js turned off are nowadays, disabling it isn't really an option as long as we want to display web pages somewhere inside the app. ->WONTFIX
Status: REOPENED → RESOLVED
Closed: 16 years ago → 9 years ago
Resolution: --- → WONTFIX
hi, any fix coming for this? Using SeaMonkey, and every time i reply to an email containing an image, i get a script error, and then seamonkey freezes and i have to restart. thx
(In reply to johny why from comment #23) > hi, any fix coming for this? Using SeaMonkey, and every time i reply to an > email containing an image, i get a script error, and then seamonkey freezes > and i have to restart. thx Your issue is unlikely to be related to this bug. You should seek help at one of the forum or newsgroup site mentioned in the links found at https://www.seamonkey-project.org/doc/
You need to log in before you can comment on or make changes to this bug.