imo, you really need to add a pref to cover this (I'm not saying make it opt-in, just preffable.). It will break something somewhere and at least you can tell that poor person they can have compat back via config.
It also has a very small possibility of breaking enterprises or something we would discover late, and we would want to be able to push a pref to fix that. On Mon, Apr 9, 2018 at 9:13 AM, Tom Schuster <t...@schuster.me> wrote: > Summary: All FTP subresources in HTTPs pages (this also includes blob: > etc) will be blocked. Opening FTP links as toplevel documents is still > possible. > > Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1404744 > > Platform coverage: All > Target release: Firefox 61 (this already landed, but we forgot to send > this, sorry!) > Preference behind which this will be implemented: None > Is this feature enabled by default in sandboxed iframes: Yes, enabled > everywhere > DevTools bug: None > Do other browser engines implement this? > Chrome shipped in M62? > web-platform-tests: No > Secure contexts: n/a > _______________________________________________ > dev-platform mailing list > dev-platform@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-platform > > _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
