Search Mailing List Archives
[liberationtech] Another loss for the Internet
mus at musalbas.com
Wed Feb 19 17:24:01 PST 2014
On 19/02/14 20:56, Mitar wrote:
> This change effectively allows a website to prevent bookmarklets from
> working. In essence, content providers can prevent users to execute
> their own bookmarklets and change how website behaves. It requires
> users to use extensions and not simple scripts.
Interestingly Mozilla Firefox has since 2009 allowed website which
implement Content Security Policy (CSP) to prevent users to execute
their own bookmarklets - albeit by mistake!
Before a bug fix, even Firebug was subject to CSP:
Facebook have also implemented something similar (not using CSP) for
webkit browsers (namely Google Chrome). They are using the browser's
On 19/02/14 23:39, Gregory Maxwell wrote:
> There are other ways of dealing with fringe liabilities, go insure
> against it— for example. Shackling the users control of their own
> devices and their own experience on the internet shouldn't be an
> acceptable solution.
The 5th principle of the Mozilla manifesto is "Individuals must have the
ability to shape the Internet and their own experiences on the
Internet". It will be interesting to see what may happen if web
specifications which contradict the principle are approved. I speculate
that it may be argued that the principle is still upheld as CSP can
trivially be disabled in the config.
More information about the liberationtech