Assignee: nobody → gavin.sharp
Status: NEW → ASSIGNED
Duplicate of this bug: 686484
What solution will be made and in what version of FF? By the way: it also affects addons which loads external content like RSS readers. In such case evil code will be executed in chrome:// zone.
It would be cleaner to make disallowing the principal inheritance openUILinkIn's default behavior, but that has the potential to break people, given its wide use. Maybe we can revisit that separately.
Comment on attachment 564925 [details] [diff] [review] patch When you enter a new url in the urlbar in an app tab, it does open in a new tab like we want in bug 598587, but the urlbar value in the app tab doesn't revert like it should. Additionally, openLinkIn doesn't do a host comparison before deciding to open the url in a new tab, which is part of what bug 598587 requires (however I think this is less of a big deal and could be done in a follow-up bug).
Attachment #564925 - Flags: feedback-
Good catch! The URL bar changes really aren't relevant to this bug, I shouldn't have included them here. Here's a patch that just fixes this as summarized (which still includes the changes to openLinkIn).
Attachment #567254 - Flags: review?(dao)
Attachment #564925 - Attachment is obsolete: true
Hardware: x86_64 → All
Target Milestone: --- → Firefox 10
Status: ASSIGNED → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.