Enable *some* restrictions on whitelisted sites too
Posted: Wed Mar 05, 2014 3:31 am
A lot of issues with allowedMimeRegexp, etc, could be avoided if there were an option to forbid selected embedding types on trusted sites, not just matching what is forbidden on untrusted sites. So, eg, our friend WebGLee could choose to automatically allow WebGL on trusted sites, while blocking Flash and Java everywhere.
So, instead of the current wall of checkboxes, with the extra checkbox below to apply to trusted sites, you could have, eg, a wall of dropdowns, choosing 'Always allow - Forbid on untrusted - Forbid everywhere' for each embedding type. Or perhaps a triple wall of radio buttons, because there's plenty of horizontal space at present. Or at least preferences in about:config...
I could be wrong, but I believe that this would be reasonably simple to code. I could take a closer look and do up some samples if helpful.
So, instead of the current wall of checkboxes, with the extra checkbox below to apply to trusted sites, you could have, eg, a wall of dropdowns, choosing 'Always allow - Forbid on untrusted - Forbid everywhere' for each embedding type. Or perhaps a triple wall of radio buttons, because there's plenty of horizontal space at present. Or at least preferences in about:config...
I could be wrong, but I believe that this would be reasonably simple to code. I could take a closer look and do up some samples if helpful.