Philip Chee wrote: > DANGER WILL ROBINSON ! > <http://www.mozdev.org/source/browse/senderface/src/chrome/content/messageViewOverlay.js.diff?r1=1.3&r2=1.4> > > + var col = document.createElement("treecol"); > + col.setAttribute("id","myCol"); > + col.setAttribute("editable","true"); > + col.setAttribute("label","Face"); > + col.setAttribute("src", > "http://taz.vv.sebank.se/cgi-bin/pts3/pow/img/nav_arrow_right.gif";); > > This wasn't there in the previous version; and it isn't in the code of > the extension this was based on (messagefaces). > > There does not seem to be any good reason to load remote content here. I > mean the other extension, messagefaces, does optionally allow you to use > remote content for your *faces* but it's a pref that is off by default; > and it certainly doesn't load remote content for its UI. What does the > mozdev T&C say about this sort of behaviour? > > Having said that, I can't imagine why on earth a Swedish bank would want > to track Thunderbird users. Am I just being unnecessarily paranoid, or > are the Gnomes of Zurich really out to get me?
I think the Gnomes of Zurich get you -- Zurich in in Switzerland, not in Sweden :-) Seriously, I don't think that such code is trustworthy and should be removed. I hope this is just an error and the author actually wanted do reuse the arrow from that bank (which I don't consider legal either). -Patrick _______________________________________________ Project_owners mailing list [email protected] http://mozdev.org/mailman/listinfo/project_owners
![http://taz.vv.sebank.se/cgi-bin/pts3/pow/img/nav_arrow_right.gif"](http://taz.vv.sebank.se/cgi-bin/pts3/pow/img/nav_arrow_right.gif"){kind=link}