The configuration of an access to local files using by file protocol (file://)
I am an user of Firefox Quantum Extended Support Release 60.6.1esr (64-bit).
This is my first post to this question form.
My Question is about the configuration of an access to local files using by file protocol. In the default, accessing to local files is available. But I'm afraid about any security problems.
So I disabled file protocol by an operation bellow.
1.1. Displaying the detail configuration from "about:config"
1.2. Searching by the word "fileuri".
1.3. Changing the value of "browser.tabs.remote.separateFileUriProcess" to false from true.
1.4. Changing the value of "browser.tabs.remote.allowLinkedWebInFileUriProcess " to false from true.
Then I want to ask about this operation. There are three points.
2.1. I understood the method to disable an access to local files by using uri which's prefix is "file://". But It is not clear about an necessity of the operation discribed by 1.4.. From its preference name, I guesse it makes available to access to local files from links on the web. Is that right? and Is there a necessity of the operation discribed by 1.4.?
2.2. I suppose it might be a basic matter for users of firefox. But what kind of threats do we face in the case of being available to access to local files by using "file://"?
2.3. Are there any other operations we should do for security about firefox like this problem?
Modified by mosso
All Replies (2)
I don't know how this works.
- https://dxr.mozilla.org/mozilla-release/source/toolkit/modules/E10SUtils.jsm
- bug 1317921 - Handle nested file URIs with the file content process
(please do not comment in bug reports
https://bugzilla.mozilla.org/page.cgi?id=etiquette.html)
Thank you cor-el!
But how should I understand this...the archives suggested is little bit technical for me...sorry.
How do I solve my question?
Modified by mosso