213
edits
Firefox/Projects/Network Error Pages: Difference between revisions
Jump to navigation
Jump to search
Firefox/Projects/Network Error Pages (view source)
Revision as of 00:03, 18 April 2009
, 18 April 2009→Caveats, Restrictions, Outstanding Questions
| Line 64: | Line 64: | ||
=Caveats, Restrictions, Outstanding Questions= | =Caveats, Restrictions, Outstanding Questions= | ||
* Wholesale override of 404 pages would be unpopular, and there is no reliable way to tell the difference between a 404 error page provided by a default install of the web server and a custom 404 error page. The other major browsers seem to look at file size and if | * Wholesale override of 404 pages would be unpopular, and there is no reliable way to tell the difference between a 404 error page provided by a default install of the web server and a custom 404 error page. The other major browsers seem to look at file size and if it's below a certain threshold, assume that it's a default page and overridable. Additionally a Firefox override might be useful even for custom error pages in some circumstances. | ||
* The old error page, by design, runs without chrome privileges, and the new page must also be chromeless. This is to prevent an XSS attach from escalating into a privilege escalation attack. | * The old error page, by design, runs without chrome privileges, and the new page must also be chromeless. This is to prevent an XSS attach from escalating into a privilege escalation attack. | ||
* There are privacy issues around using Google Link Doctor that will need to be addressed if we are to use it automatically. | * There are privacy issues around using Google Link Doctor that will need to be addressed if we are to use it automatically. | ||