logo
Published on Input Jam (http://www.kleinfelter.com)

TiddlyWiki and Firefox 3 Security Prompt

By Kevin Kleinfelter
Created 2008-08-22 18:38

When TiddlyWiki [0] goes to save a file, in Firefox, you get the following dialog

=====

Internet Security

A script from "file:// [1]" is requesting enhanced abilities that are UNSAFE and could be used to compromise your machine or data

=====

You'll often read doc about updating prefs.js with something that resembles:

user_pref("capability.principal.codebase.p0.granted","UniversalXPConnect  UniversalBrowserRead");
user_pref("capability.principal.codebase.p0.id", "file://");

This advice is almost correct, but you you specify only "file:// [2]" you will still get the message. You must specify the full path name of the file. Instead of "file:// [3]", give it something like:

user_pref("capability.principal.codebase.p1.granted", "UniversalXPConnect");
user_pref("capability.principal.codebase.p1.id", "file:///C:/Documents and Settings/kevin/Desktop/TwoNote/ScrapBook.html");
user_pref("capability.principal.codebase.p1.subjectName", "");

Firefox no longer accepts that "file:// [4]" is good for "file:///blah-blah/blah.html [5]

Source URL:
http://www.kleinfelter.com/node/132

Links:
[1] file:///
[2] file:///
[3] file:///
[4] file:///
[5] file:///blah-blah/blah.html