* Robert Millan ([EMAIL PROTECTED]) wrote: > On Tue, Jun 20, 2006 at 10:03:12PM -0400, Eric Dorland wrote: > > * Florian Weimer ([EMAIL PROTECTED]) wrote: > > > * Eric Dorland: > > > > > > >> Thanks, it seems disabling "middlemouse.contentLoadURL" gets rid of the > > > >> problem. Could you make this the default? > > > > > > > > Nope. > > > > > > Why not? It's a privacy issue, after all. > > > > Why is it a privacy issue? It's not like Google can take this data, > > you have to paste it to them. There's only so much that can be done to > > protect users from themselves. Should we disable pasting into a IRC > > client because it could potentially leak information? > > It seems that finaly we can discuss it; good! > > Users might want to paste their password when logging in through an > HTML form. Unfortunately if instead of the target box, user selects > the background by mistake, her password is sent automaticaly to > google. It is too easy to select the background by mistake, given > that the password box is small, and the background is huge. You > just click a few pixels away, and your password is seen by everyone > between you and google. It happened me a few times, and it seems > I'm not the only one.
I quite understand the issue, and you haven't made any new points compared to the original bug report. The other side of the coin is that this is a very useful feature and the sending of the data is completely user initiated. We could debate whether or not it is easy to make this kind of mistake, but it can be disabled if you don't trust your eye-mouse coordination. There are plenty of much more destructive actions that can happen by being a few pixels off with a mouse click. -- Eric Dorland <[EMAIL PROTECTED]> ICQ: #61138586, Jabber: [EMAIL PROTECTED] 1024D/16D970C6 097C 4861 9934 27A0 8E1C 2B0A 61E9 8ECF 16D9 70C6
signature.asc
Description: Digital signature
