Open
Bug 545668
Opened 15 years ago
Updated 1 year ago
Find a way of setting allowDNSPrefetch to false on docshells where we are loading messages (and true when we're not)
Categories
(MailNews Core :: Security, defect)
MailNews Core
Security
Tracking
(Not tracked)
REOPENED
People
(Reporter: standard8, Unassigned)
References
Details
When we load a message into a browser element/docshell, we need to set allowDNSPrefetch to false to protect the users privacy.
Currently we always set it to false for the browser element with id="messagepane".
As we don't load messages into other browser elements, this is fine. However, we do want to be able to do this, for bug 545666 and others, so we should find a sensible, common place to do this (possibly around the content policy area).
|
||
Comment 1•3 years ago
|
||
allowDNSPrefetch is a member of nsIDocShell now so we can set it whenever we want. Anyway, it's a bit pointless leaving this bug open after all of this time as we're not going to remember it's here when dealing with this stuff again.
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → INVALID
|
Reporter | |
Comment 2•3 years ago
|
||
If this now can be set on the docshell, then we should be able to do this as part of the content policy, andavoid having to set it manually.
Status: RESOLVED → REOPENED
Resolution: INVALID → ---
|
||
Updated•3 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•