Question about auto xlinks

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Question about auto xlinks

Boris Zbarsky
nsXMLElement::MaybeTriggerAutoLink has some code that looks for a mail-type
docshell, etc.

Can we just remove that?  Shouldn't the CheckLoadURI check it does handle this?

-Boris
_______________________________________________
dev-tech-xml mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-xml
Reply | Threaded
Open this post in threaded view
|

Re: Question about auto xlinks

Jonas Sicking
Boris Zbarsky wrote:
> nsXMLElement::MaybeTriggerAutoLink has some code that looks for a
> mail-type docshell, etc.
>
> Can we just remove that?  Shouldn't the CheckLoadURI check it does
> handle this?

That it does where? TriggerLink calls CheckLoadURIWithPrincipal, but
that doesn't seem to have enough info to dig back to the DocShell

/ Jonas
_______________________________________________
dev-tech-xml mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-xml
Reply | Threaded
Open this post in threaded view
|

Re: Question about auto xlinks

Boris Zbarsky
Jonas Sicking wrote:
>> Can we just remove that?  Shouldn't the CheckLoadURI check it does
>> handle this?
>
> That it does where? TriggerLink calls CheckLoadURIWithPrincipal, but
> that doesn't seem to have enough info to dig back to the DocShell

That's true, but it passes the flag that tells the security manager to deny if
the link is coming from a document loaded via any of the mailnews protocols.

So I guess the real question is what sort of check we want here.  Do we care to
do this for an http:// document loaded in a mailnews docshell, e.g.?

-Boris
_______________________________________________
dev-tech-xml mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-xml
Reply | Threaded
Open this post in threaded view
|

Re: Question about auto xlinks

Boris Zbarsky
Boris Zbarsky wrote:
> So I guess the real question is what sort of check we want here.  Do we
> care to do this for an http:// document loaded in a mailnews docshell,
> e.g.?

Put another way, should this really be doing a more stringent check than <meta
refresh> does?

-Boris
_______________________________________________
dev-tech-xml mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-xml
Reply | Threaded
Open this post in threaded view
|

Re: Question about auto xlinks

Jonas Sicking
Boris Zbarsky wrote:
> Boris Zbarsky wrote:
>> So I guess the real question is what sort of check we want here.  Do
>> we care to do this for an http:// document loaded in a mailnews
>> docshell, e.g.?
>
> Put another way, should this really be doing a more stringent check than
> <meta refresh> does?

That does seem unnecessary I agree, but I do wonder if the right thing
isn't to add the checks to <meta refresh> rather than to remove them
from auto xlinks...

/ Jonas
_______________________________________________
dev-tech-xml mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-xml
Reply | Threaded
Open this post in threaded view
|

Re: Question about auto xlinks

Boris Zbarsky
Jonas Sicking wrote:
> That does seem unnecessary I agree, but I do wonder if the right thing
> isn't to add the checks to <meta refresh> rather than to remove them
> from auto xlinks...

Seems like we should get the mail folks involved... Is there a newsgroup for that?

-Boris
_______________________________________________
dev-tech-xml mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-xml