Closed
Bug 433663
Opened 16 years ago
Closed 16 years ago
Can install addons with entering the URL directly to the url bar even if the domain is not allowed to install
Categories
(Toolkit :: Add-ons Manager, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 322697
People
(Reporter: himorin, Unassigned)
Details
Step 0. erase all allowed domains for addon installation 1. open new tab 2. paste some url for .xpi into URL bar 3. press return 4. get software installation dialog The same for FF3b5, FF2.0.0.14
Comment 1•16 years ago
|
||
The untrusted site waning is not displayed. This can be reproduced when the link is sent from other applications. Isn't this critical issue??
Severity: minor → normal
Status: UNCONFIRMED → NEW
Ever confirmed: true
Comment 2•16 years ago
|
||
See Bug 363591 Comment #2 for a quick explanation. I'm looking for the bug that added the xpinstall whitelist which explains this in greater detail. Essentially, the xpinstall whitelist is to prevent drive by installation prompts (similar in functionality to a popup blocker) from web pages and not to prevent user initiated installs as described in this bug.
Comment 3•16 years ago
|
||
From Bug 322697 Comment #7 See bug 259670 and bug 240552 (especially bug 240552, comment 38) for an explanation.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE
Assignee | ||
Updated•16 years ago
|
Product: Firefox → Toolkit
You need to log in
before you can comment on or make changes to this bug.
Description
•