Difference between revisions of "User:Hendy:Flashblock"
Jump to navigation
Jump to search
(Initial thoughts) |
|||
| Line 24: | Line 24: | ||
Validation for both should be the same, and minimal | Validation for both should be the same, and minimal | ||
Done in WebFeatures isPartialStringValid | Done in WebFeatures isPartialStringValid | ||
| + | Strip scheme and anything after the first slash (ie: the path) | ||
| + | Don't allow / | ||
Length > 0 | Length > 0 | ||
Must have host and tld | Must have host and tld | ||
Revision as of 20:11, 26 March 2010
Flash exceptions list does not accept input of full URLs ("Add" button stays greyed out)
IDNs
Our Flashblock system accepts and works with IDNs.
Permissions doesn't work with IDNs, and needs to be given punycoded hosts.
Non-standard ports
Flashblock works with non-standard ports
www.hutech.edu.vn:8080 will allow flash on www.hutech.edu.vn:8080 but www.hutech.edu.vn will block flash on www.hutech.edu.vn:8080
Permissions will take non-standard ports, but doesn't store them
www.hutech.edu.vn:8080 will be stored as www.hutech.edu.vn Presumably, permissions will only consider the host when deciding whether to allow something.
Strategy
Validation for both should be the same, and minimal
Done in WebFeatures isPartialStringValid Strip scheme and anything after the first slash (ie: the path) Don't allow / Length > 0 Must have host and tld If flashblock, isn't already in whitelist
Committing to popup whitelist
Punycode result and send it to permissions Punycoding could be done in permission manager?
Committing to flashblock
Send straight to flashblock
