TiddlyWiki and Firefox 3 Security Prompt

Submitted by Kevin Kleinfelter on Fri, 2008-08-22 18:38.

When TiddlyWiki goes to save a file, in Firefox, you get the following dialog

=====

Internet Security

A script from "file://" is requesting enhanced abilities that are UNSAFE and could be used to compromise your machine or data

=====

You'll often read doc about updating prefs.js with something that resembles:

user_pref("capability.principal.codebase.p0.granted","UniversalXPConnect  UniversalBrowserRead");
user_pref("capability.principal.codebase.p0.id", "file://");

This advice is almost correct, but you you specify only "file://" you will still get the message. You must specify the full path name of the file. Instead of "file://", give it something like:

user_pref("capability.principal.codebase.p1.granted", "UniversalXPConnect");
user_pref("capability.principal.codebase.p1.id", "file:///C:/Documents and Settings/kevin/Desktop/TwoNote/ScrapBook.html");
user_pref("capability.principal.codebase.p1.subjectName", "");

Firefox no longer accepts that "file://" is good for "file:///blah-blah/blah.html

Bookmark/Search this post with:

This ain't good enough!

Submitted by Mike (not verified) on Mon, 2008-09-01 01:42.

Thanks for the tip, but this is a poor solution for a man with many tiddlywikis -- particularly a changing number!

I'll keep searching and post here if I find anything.

Good find, though.

Fully agreed. From what

Submitted by Kevin Kleinfelter on Mon, 2008-09-08 13:13.

Fully agreed. From what I've read, Mozilla agrees that there is a bug in this area, and that (eventually) granting permission to file://will apply to all file://.

Input Jam

Primary links

Recent blog posts

Navigation

Syndicate

User login

TiddlyWiki and Firefox 3 Security Prompt

This ain't good enough!

Fully agreed. From what