Closed Bug 8601 Opened 25 years ago Closed 25 years ago

feature request

Categories

(Core :: Networking: Cache, enhancement, P3)

Product:
Core
Component:
Networking: Cache
Type:
enhancement

Tracking

()

Status:
VERIFIED WONTFIX

People

(Reporter: csbooton, Assigned: gagan)

References

(
URL
)

Details

One thing about netscape that has bugged me is that the filename's in the cache are never stored using the same name as the filename on the server, I notice that the name become codes that are 8 letters long wihich I assume is so they can be read by OS's without the ability to read names over 8 characters. How about making this so that theyd o use the original name, and if it's more then 8 letters and the OS cannot handle it then trunincate the name to 8. In the case of two files having the same name, the second one and beyond would have a number at the end of the file indicating repeat file name (ie rat.jpg , rat1.jpg and so on) (or if it's the same file on diffrent sites then just use that file for all of them). This would make retrieving specific files from the cache if such an action was desired much easier.
Necko landing...
I'm moving this to target M9, Necko will be enabled somewhere during late M8 or
early M9.  We will need to get on this and it cannot be postponed past the M9
milestone.
Status: ASSIGNED → RESOLVED
Closed: 25 years ago
Resolution: --- → WONTFIX
Target Milestone: M9 → M10
There are historical security reasons why this can't quite be simplified any
further. Look for new cache api that will make accessing these objects more
conveniently.
What are the security reasons? I dont see how it's a security problem using the
file's real names in the cache. Please explain.
Essentially we don't want someone to guess your filename. There could be a
possibility that someone may access your cache directory. But not having an
obvious filename can deter if not block some possible attack.
Status: RESOLVED → VERIFIED
i am marking verified for tracking purposes, but feel free to let the debate
continue...
What sort of attacks are we talking about?  DOM attacks?
Bulk move of all Cache (to be deleted component) bugs to new Networking: Cache
component.
You need to log in before you can comment on or make changes to this bug.