Having debugged secureLogin v1.0.1 the new failure is occurring in secureLogin.js here:
Code: Select all
1604: this.urlSecurityCheck(url, doc.location.href);
This line is throwing the exception: "Loading of [the url of the login page] denied."
Note: this check only occurs if the 'Activate Javascript protection at login' option is enabled.
I'm not clear what the function urlSecurityCheck() is designed to achieve - I can't find
any documentation for this function - however, if we comment out this line of code everything works again.
I don't know if secureLogion poorly implements urlSecurityCheck(), or whether FF17 has broken something more fundamental. urlSecurityCheck() certainly doesn't seem to do anything important to the actual login process, it's simply running some kind of check, possibly checking that the page's form url matches the page's own url, maybe some kind of phishing protection, maybe something more clever. I have no idea.
Ben.
XUL is dead. Long live the Google Chrome Clones.