Minor RegExp issue in the webSearchTab.js code that tries to validate clicked links come from Google search requests. http://hg.mozilla.org/comm-central/annotate/4b427d4f3721/mail/base/content/webSearchTab.js#l244 A regexp of "\/url?" will match "/ur"-anything because the question mark makes the "l" optional. What you really want there is /^\/url\?/.test() Not really a big deal since you're also checking the host, unlikely that Google would try to fool Thunderbird for malicious purposes. If anything you'll match too much and then send legit intra-Google URLs to the external browser.
It seems that Google doesn't use redirects for its search results anymore (nor does Yahoo), so we should just remove this. We need to keep the special-casing for the Yahoo host name though, since image search is on a different subdomain.
Do we need to fix this before we release 10.0 ?
Created attachment 591270 [details] [diff] [review] The fix As discussed on irc, this should fix it so that just search? urls stay within google (assuming the pre & post hosts are the same).
Comment on attachment 591270 [details] [diff] [review] The fix Looks good, as discussed on IRC.
Checked in: http://hg.mozilla.org/comm-central/rev/ec4b5babe566 http://hg.mozilla.org/releases/comm-aurora/rev/265bf7f9a168 http://hg.mozilla.org/releases/comm-beta/rev/8044e1ef0c20