Working with Firebug might include reference to chrome: file

[alfonsoml]

I don't know the exact steps to reproduce, but I've seen a page that it wasn't possible to edit anymore giving an error in both IE and Firefox. The page was edited with full page and it had this included (after the last successful edit):

		<link charset="utf-8" rel="stylesheet" type="text/css" href="chrome://firebug/content/highlighter.css" />

So it might be a good idea to check that the <link>s doesn't point to restricted urls

[alfonsoml]

Note: the bug in Firefox was reported as

Access to restricted URI denied" code: "1012

and IE said "Access denied", line 84

[fredck]

I was able to append that <link> tag by simply inspecting a FullPage=true document with Firebug.

Is there any chance for us to detect Firebug and behave accordingly?

[alfonsoml]

Other extensions might include other content on the page, so I would rather just check that the href of the link starts with chrome:// and then ignore it. It doesn't matter if Firebug is loaded or not, we will be safe anyway.

An example of other extensions that do nasty things is Skype, but those transformations are much harder to revert as they are done in the body.

[alfonsoml]

Proposed SVN patch

[fredck]

Your thoughts make sense Alfonso... I doubt we'll ever have someone intentionally appending chrome:// <link>s.

[alfonsoml]

Fixed with [1983]