Block File System Browsing

User Help for Mozilla Firefox
Post Reply
User avatar
Shadoefax
Posts: 465
Joined: April 29th, 2005, 2:59 pm
Location: Glendale, AZ
Contact:
Contact Shadoefax

Re: Block File System Browsing

Post by Shadoefax »

You could just write a small extension that contains the following code:

Code: Select all

window.document.addEventListener("load",myExt_docLoad,true);

function myExt_docLoad(){
// Load something other than "about:config".  In this case, a warning page.
   var title = document.title;
   if(title.toLowerCase().indexOf("about:config") == 0){
      getBrowser().loadURI("chrome://myExt/content/Restricted.html");
   }
   window.document.removeEventListener("load",myExt_docLoad,true);
   return true;
}


ETA: Oops ... posted this in the wrong thread! My bad ... please delete or disregard
All my signatures are stolen from other people. Including this one.
Homepage
Top
TouringEgypt
Guest

Re: Block File System Browsing

Post by TouringEgypt »

Any update with this for version 3.6.6? I am also working with a Kiosk environment where I want to ensure that users can not access the local disk to bypass our enterprise security settings.
Top
User avatar
FatJohn
Posts: 3165
Joined: October 19th, 2007, 10:19 am

Re: Block File System Browsing

Post by FatJohn »

Run Firefox as a user who doesn't have read access beyond required Firefox folders.

E.g. http://www.linuxjournal.com/content/tec ... pplication
Top
FreemanG
Guest

Re: Block File System Browsing

Post by FreemanG »

aceuk wrote:Thanks for the tip, v360pc. However, I still can't get it working with Firefox v3.5.3. What am I doing wrong?

Code: Select all

          var [url, postData] = this._canonizeURL(aTriggeringEvent);
          
          if (!url)
            return;

          if (url.match(/^file:/) || url.match(/^\//) || url.match(/^resource:/) || url.match(/^about:/)) {
               alert("Access denied.");
               exit
           }
          
          this.value = url;
          gBrowser.userTypedValue = url;
          try {
            addToUrlbarHistory(url);
          } catch (ex) {
            // Things may go wrong when adding url to session history,
            // but don't let that interfere with the loading of the url.
            Cu.reportError(ex);
          }


this works for firefox3.6.8 (Ubuntu Lucid)

Thank you ,
Alex
Top
Fao10rk
Guest

Re: Block File System Browsing

Post by Fao10rk »

It doesn't work with Iceweasel 3.6.13 on webconverger.

about and file are not blocked with the tip in browser.jar/content/browser/urlbarBindings.xml

Any idea to block this access for web kiosk ?
Top
Post Reply

Return to “Firefox Support”