Dan Veditz wrote: > If you change the "security.fileuri.origin_policy" pref to a traditional > value does it start working again? > http://bonsai.mozilla.org/cvsblame.cgi?file=/mozilla/modules/libpref/src/init/all.js&rev=3.717&mark=477-478#477 > > Try '3' first, and if that's still not working try '4'. > > Is there a way to download a small example of the problem? The maps I found > at the link below were all on-line. > > The fixes should not prevent local pages from opening other pages, it just > prevents reading or writing into them. What sorts of actions are you doing? > What errors are you getting on the error console? (XBL and XSLT seem to > have problems due to this change).
Dan, I've seen your comment #73 about allowing by default access to foo_files name subdirectories and the l10n problems with it. I think allowing the file to allows subdirs with the same name and some extension behind is really the right direction, it's in fact better then allowing access to all other files in the same directory. Windows seems to recognize both the default extension of _files and the localized version. But what if I save the web page on a French Windows, and then copy it to an English version ? Or if I run a French Firefox on an English Windows ? So I think the best would to implement this by allowing foo to access the subdirectory foo_bar whatever the value of bar is (but maybe with some "reasonnable" restrictions on the content of bar. _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
