when ignorePorts=false is applied to the whitelist it pulls in a more restrictive direction, less implicit trust
but when applied to the blacklist, the same setting pulls in a less restrictive direction, less implicit distrust
That's a bit schizophrenic, I think it makes sense to decouple its application. It either shouldn't apply to untrusted at all, or there should be a separate setting.
RFE: ignorePorts=false and untrusted
RFE: ignorePorts=false and untrusted
Mozilla/5.0 (Windows NT 5.1; rv:7.0) Gecko/20100101 Firefox/7.0
-
Giorgio Maone
- Site Admin
- Posts: 9527
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: RFE: ignorePorts=false and untrusted
This. It should just be a UI issue, though, isn't it? (i.e. site specifications listed for "Mark as untrusted" should never contain ports)al_9x wrote:It either shouldn't apply to untrusted at all
Mozilla/5.0 (Windows NT 5.2; WOW64; rv:7.0) Gecko/20100101 Firefox/7.0
Re: RFE: ignorePorts=false and untrusted
By just a UI issue do you mean that the difference between untrusted and non-whitelisted is just cosmetic?Giorgio Maone wrote:This. It should just be a UI issue, though, isn't it? (i.e. site specifications listed for "Mark as untrusted" should never contain ports)al_9x wrote:It either shouldn't apply to untrusted at all
So you agree that the current behavior should be changed? Now ignorePorts=false does apply to untrusted, if domain.invalid is marked untrusted, domain.invalid:port is not treated as untrusted.
Mozilla/5.0 (Windows NT 5.1; rv:7.0) Gecko/20100101 Firefox/7.0
-
Giorgio Maone
- Site Admin
- Posts: 9527
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: RFE: ignorePorts=false and untrusted
Yes I do.al_9x wrote:So you agree that the current behavior should be changed?
Mozilla/5.0 (Windows NT 5.2; WOW64; rv:7.0) Gecko/20100101 Firefox/7.0