MozillaZine

Javascript.allow.mailnews

From MozillaZine Knowledge Base

The title given to this article is incorrect due to technical limitations. The correct title is javascript.allow.mailnews.

This article describes the preference javascript.allow.mailnews. To add, delete, or modify this preference, you will need to edit your configuration — do not edit this article.

Contents

[edit]

Background

Newsgroup messages and e-mail can be in HTML format and HTML can include JavaScript, so e-mail messages can include executable code. This preference controls whether to allow JavaScript in newsgroup messages and e-mails to execute.

[edit]

Possible values and their effects

[edit]

True

JavaScript in newsgroup messages and e-mails can execute.

[edit]

False

JavaScript in newsgroup messages and e-mails cannot execute. (Default)

[edit]

UI

[edit]

Mozilla Suite

A checkbox labeled “Mail & Newsgroups” is located under “Edit → Preferences → Advanced → Scripts & Plug-ins → Enable JavaScript for”.

[edit]

Recommended settings

While Mozilla products are secure, JavaScript in e-mails is a common attack vector and is rarely used legitimitely. It is recommended that this value be left at false unless there are compelling reasons not to.

[edit]

First checked in

2000-01-08 by Norris Boyd.

[edit]

Has an effect in

  • Mozilla Suite (all versions since M13)
  • Thunderbird (all versions)
  • SeaMonkey (all versions)
[edit]

Related bugs

[edit]

Related preferences

Retrieved from "http://kb.mozillazine.org/Javascript.allow.mailnews"