[Project_owners] Is this a remote web-bug in a Thunderbird extension hosted on mozdev?
patrick.brunschwig at gmx.net
Tue Jan 16 04:48:09 PST 2007
Philip Chee wrote:
> DANGER WILL ROBINSON !
> + var col = document.createElement("treecol");
> + col.setAttribute("id","myCol");
> + col.setAttribute("editable","true");
> + col.setAttribute("label","Face");
> + col.setAttribute("src",
> This wasn't there in the previous version; and it isn't in the code of
> the extension this was based on (messagefaces).
> There does not seem to be any good reason to load remote content here. I
> mean the other extension, messagefaces, does optionally allow you to use
> remote content for your *faces* but it's a pref that is off by default;
> and it certainly doesn't load remote content for its UI. What does the
> mozdev T&C say about this sort of behaviour?
> Having said that, I can't imagine why on earth a Swedish bank would want
> to track Thunderbird users. Am I just being unnecessarily paranoid, or
> are the Gnomes of Zurich really out to get me?
I think the Gnomes of Zurich get you -- Zurich in in Switzerland, not in
Seriously, I don't think that such code is trustworthy and should be
removed. I hope this is just an error and the author actually wanted do
reuse the arrow from that bank (which I don't consider legal either).
More information about the Project_owners