Security.fileuri.origin policy

From MozillaZine Knowledge Base
Revision as of 04:35, 7 September 2007 by Unarmed (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search
The title given to this article is incorrect due to technical limitations. The correct title is security.fileuri.origin_policy.

This article describes the preference security.fileuri.origin_policy. To add, delete, or modify this preference, you will need to edit your configuration — do not edit this article.

Background

When local HTML files (e.g., those located on your hard drive) are loaded into the browser, the scripts and links within have restrictions on what they can see and do. Those restrictions are determined by the same-origin policy for local files, which this preference controls.

Possible values and their effects

0

Local documents only have access to themselves.

1

Local documents have access to themselves and any other documents in the same directory.

2

Local documents have access to themselves, any documents in the same directory, and any documents in subdirectories. (Default)

3

Local documents have access to all other local documents, but not directory listings.

4

Local documents have access to all other local documents, including directory listings.

Caveats

  • Before this preference was implemented, the security policy was the same as this preference set to 4 (local documents have no restrictions).

Recommended settings

If you do development with local files and need to be able to retrieve other local files, you’ll need to set this preference to 3. Otherwise, lower settings offer the most security.

First checked in

2007-09-06 by Daniel Veditz

Has an effect in

  • Mozilla Firefox (nightly builds after 2007-09-06)
  • SeaMonkey (nightly builds after 2007-09-06)

Related bugs

See also

Retrieved from "http://kb.mozillazine.org/index.php?title=Security.fileuri.origin_policy&oldid=33610"