Re: Mozilla: howto block java for certain servers was: howto *really* 'accept images that come from the originating server only'?

[Mike McCarty <mike.mccarty@sbcglobal.net>]

Johannes Wiedersich wrote:
> I investigated further and found out that 'block images' of Mozilla 
> seems to work ok. (Sorry for my mistake; this is a huge html-page to 
> sort through...).
>
> Johannes Wiedersich wrote:
>
> > NB: I set the firewall on my sarge box to block all outgoing 
> > connections to the relevant servers now. But what will happen, if the 
> > bank points their external images to a different site? I also don't 
> > want to have to set up all cases manually. (Having configured the 
> > firewall, I now see these as 'blocked connections'.)
>
>
> Closer inspection shows that this is not due to the embedded images, but 
> the source code contains javascript as well that is pointing to the 
> external server.
>
> > NB 2: I consider this a security hole: 
>
>
> It would be nice, if site specific configuration of java and/or 
> javascript was possible with Mozilla as is implemented for images, 
> popups etc.

There are several very good reasons for not allowing javascript
on your machine under any circumstances. Most web page designers
are *not* expert programmers, and defects in javascript programs
are rampant. I don't permit javascript, period.

> For the time being, I think I will have to change my bank :-((

Talk to their customer relations people first.

Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!