Is there a way to run javascript in the url in FF6?
With the introduction of scratchpad to FF6 the javascript in the url is filtered out and will not execute.
The only way i have been able to run js scripts is to use the scratchpad even if it's a one line thing that i need.
I went into about:config and typed javascript into the filter then changed the browser.urlbar.filter.javascript configuration from true to false, nothing changed.
All Replies (4)
Running javascript: in the urlbar is no longer supported in version 6 for security reasons. Users were installing malware. Please use the scratchpad.
See also:
- bug 656433 - Disallow javascript: URLs to be run from the URL bar
You can still run a JavaScript bookmarklet via the location bar if you bookmark it and set a keyword to that bookmark.
You can also look at NoScript.
knorretje, You might have something there but that really didn't answer my question because you can still run any javascript from the scratchpad and using tools like firebug. It is not up to the developers of the browser to do security implementation on websites it is of to the website developer(s).
Thanks cor-el that was informative and helpful I appreciate your links and being informative.
I honestly figured that they would have some configuration in the about:config file that you could turn it back on they just filtered it out. I assumed that it was the browser.urlbar.filiter.javascript since it defaults to true, I toggled it to false and nothing changed.
So I guess the bettor question is what the heck does the browser.urlbar.filiter.javascript configuration even do in the about:config file since it had no effect on turning off the filter in the URL for javascript.
If I am correct then the documentation says that you can only execute javascript in the urlbar if it runs without security principal. Then I do not understand how changing this filter pref or any other pref will ever improve your situation. You can change whatever you want and it's not going to help you. Because of this, I also have no idea what this filter thing is doing. Also I would like to say that I'm not talking about security implementation on websites. I don't understand where you have read that. I'm talking about protecting users from social engineering or whatever you call it in English.