[gopher] Thunderbird; add "gopher://" to list of the list of recognized protocols when displaying emails / usenet messages
Nuno J. Silva
nunojsilva at ist.utl.pt
Sun Sep 25 13:55:01 UTC 2011
On 2011-09-25, Jacob Dahl Pind wrote:
> On Sun, 25 Sep 2011, Walter Vermeir wrote:
>
>> Resolution: --- ? WONTFIX
>>
>> https://bugzilla.mozilla.org/show_bug.cgi?id=688976
>>
> is fun they quote security as the reason why gopher:// is removed but
> http/ftp is still there, one would think if it really was out of
> security concerns http, ftp, anything but pure ascii text would have
> been ban, and oh, it should probabilly ignore any user input as those
> users are a real security issue. :)
I'm still trying to understand how can there be security issues in
recognizing URLs...
This is an isse with shell integration? Really. But the only reason for
gopher:// to be insecure is, either http:// is insecure too, or they
managed to make a protocol-specific fix, when this should be an
OS-specific fix (e.g., in Windows you want to escape whatever
expressions allow you to inject commands in Windows, there is no point
in fixing it by protocol).
Looks more like someone at Mozilla is trying to get rid of *anything*
that is gopher-related in their software.
If they're really that paranoid, why are they using shell integration at
all?
--
Nuno J. Silva (aka njsg)
gopher://sdf-eu.org/1/users/njsg
More information about the Gopher-Project
mailing list