Package: firefox
Version: 1.5.dfsg-4
As I describe here
https://bugzilla.mozilla.org/show_bug.cgi?id=308483
After you've invoked the `clear search history' option (on the context
menu in the search box), the normal browser history still contains the
URLs for the search results pages. This completely defeats the
intended privacy effect unless the user knows to clear the browser
history.
This means that feature is a privacy risk, as it can lead to a false
sense of security. This is quite hard to fix; the only correct
approach would be to clear all relevant entries from the browser
history or perhaps to ask the user whether to clear the browser
history too.
So in Ubuntu I have disabled this feature completely. The only way
now to achieve this effect is
Edit / Preferences ... /
Privacy / Saved Forms / Clear Saved Form Data Now
Firefox 1.0 used to have a useful `clear everything' button outside
all of the tabs on the Privacy pane. Unfortunately this has been
replaced by a reference to the Clear Private Data tool and a button
labelled, unhelpfully, `Settings ...'
The patch I used is below. I think it is an improvement that should
probably be in Debian too but you may disagree.
Ian.
diff -ruN debian/firefox-1.5.dfsg/browser/base/content/search.xml
firefox-1.5.dfsg/browser/base/content/search.xml
--- debian/firefox-1.5.dfsg/browser/base/content/search.xml 2005-10-26
02:05:26.000000000 +0100
+++ firefox-1.5.dfsg/browser/base/content/search.xml 2006-01-30
10:47:16.000000000 +0000
@@ -141,15 +141,18 @@
this._initializeEngine();
var element;
- element = document.createElementNS(XUL_NS, "menuseparator");
- this.mContextMenu.appendChild(element);
- element = document.createElementNS(XUL_NS, "menuitem");
- element.setAttribute("label", this.mStringBundle
- .getString("cmd_clearHistory"));
- element.setAttribute("accesskey", this.mStringBundle
- .getString("cmd_clearHistory_accesskey"));
- element.setAttribute("cmd", "cmd_clearhistory");
- this.mContextMenu.appendChild(element);
+# clearHistory doesn't work properly because it misses clearing the
+# corresponding URL history items. So we disable it for now to avoid
+# unfortunate accidents.
+# element = document.createElementNS(XUL_NS, "menuseparator");
+# this.mContextMenu.appendChild(element);
+# element = document.createElementNS(XUL_NS, "menuitem");
+# element.setAttribute("label", this.mStringBundle
+# .getString("cmd_clearHistory"));
+# element.setAttribute("accesskey", this.mStringBundle
+# .getString("cmd_clearHistory_accesskey"));
+# element.setAttribute("cmd", "cmd_clearhistory");
+# this.mContextMenu.appendChild(element);
this.controllers.appendController(this.searchbarController);
]]></body>
--
Ian Jackson, at home. Local/personal: [EMAIL PROTECTED]
[EMAIL PROTECTED] http://www.chiark.greenend.org.uk/~ijackson/
Problems mailing me ? Send [EMAIL PROTECTED] the bounce (bypasses the blocks).
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
