Closed Bug 1705202 Opened 3 years ago Closed 2 years ago

Add FTP related protocols to the registerProtocolHandler safelist.

Categories

(Core :: Networking, enhancement, P2)

enhancement

Tracking

()

RESOLVED FIXED
98 Branch
Tracking Status
firefox98 --- fixed

People

(Reporter: asanka, Assigned: valentin)

References

(Blocks 1 open bug)

Details

(Keywords: dev-doc-complete, Whiteboard: [necko-triaged])

Attachments

(2 files)

As a part of removing FTP support in Chromium (and in turn Google Chrome, Edge, etc.) I'd like to release ftp, sftp, ftps protocols as being registrable via registerProtocolHandler.

ChromeStatus entry is here: https://www.chromestatus.com/feature/5762628536238080

I'll follow up with relevant PR to whatwg/html and wpt.

Blink I2S thread is https://groups.google.com/a/chromium.org/g/blink-dev/c/ABhlioapE0E/m/gXL84wPfAAAJ . Please express your support objections here or there as appropriate.

Related whatwg/html issue : https://github.com/whatwg/html/issues/6583

Hi Asanka. You should file an issue on https://github.com/mozilla/standards-positions/issues to get a position on this topic.
I'll keep this bug for necessary changes if we reach a decision.

Blocks: kill-ftp
Severity: -- → S3
Flags: needinfo?(annevk)
Priority: -- → P2
Whiteboard: [necko-triaged]

Ah, I saw this after the GitHub issue. 😊 This seems reasonable to me now FTP is no longer a scheme the browser handles.

Flags: needinfo?(annevk)
Blocks: 1056860
Assignee: nobody → valentin.gosu
Status: UNCONFIRMED → ASSIGNED
Component: Networking: FTP → Networking
Ever confirmed: true

According to https://github.com/mozilla/standards-positions/issues/513
the safe thing to do for FTP URLs when using a protocol handler is to strip
the credentials from them first.

This also adds a test that makes sure credentials are stripped when using
a web protocol handler.

Depends on D136121

Pushed by valentin.gosu@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/b52cf82fbe03
Add FTP related protocols to the registerProtocolHandler safelist. r=annevk
https://hg.mozilla.org/integration/autoland/rev/882c7f9567cd
Strip user & password from FTP schemes when going through webhandler r=Gijs
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → 98 Branch

FF98 docs work for this can be tracked in https://github.com/mdn/content/pull/12790

I see from https://github.com/whatwg/html/issues/6583#issue-858243907 that this change is currently non-spec. Will this bugfix remain in the release even if the PR is not accepted?
This will affect how the browser compatibility and MDN documents are updated.

Flags: needinfo?(valentin.gosu)

Presumably this change will be backed out if the PR gets rejected, but that's unlikely given this is a widely supported change.

Flags: needinfo?(valentin.gosu)

Thanks! The spec got updated. I have marked as dev-doc-complete. The browser compatibility update is still in discussion though (you can follow that through issue linked in https://github.com/mdn/content/pull/12790)

You need to log in before you can comment on or make changes to this bug.