User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4 When visiting http://geourl.org/news/2005/03/14/firefox_extension.html, I saw a link to an extension I wanted. The link points on the page points to http://www.splintered.co.uk/extensions/geourl_0.2.xpi, which resides on another domain. After clicking the link, the dialog box popped up asking if I would like to add "geourl.org" to my allowed sites list instead of splinterred.co.uk. Adding GeoURL's site instead, I then re-clicked on the link. The extension installed. I propose that, in theory, someone who has their site to allow mozilla.org may be able to click on a comment or other non-moderated content to access http://example.com/malware.xpi without ever being prompted that they are leaving the host site, and heading off to an unknown server. Of course, one could simply look at the taskbar, but software has to be written to the lowest common denominator. What if the comment for the GMail notifier said something like "This version is old. Click [[here]] for the newest edition," linking off to an untrusted server. I welcome your comments. - Stephen Reproducible: Always Steps to Reproduce: 1. Visit http://geourl.org/news/2005/03/14/firefox_extension.html 2. Click on the link in the center of the page. A dialog box asking you to accept plugins from "geourl.org" will pop-up. 3. Add geourl.org to your list. 4. Click the link again. Actual Results: The plugin is ready to install from another site you did not approve. No additional debugging data is available.

This is as-designed. We want people to install from trusted clearing-house like sites which can reference other locations. The true location of the install itself appears on the confirmation dialog, and users should weigh the actual source along with the reputation accorded to the recommending site. This also covers situations such as the site being https://addons.mozilla.org but the content being on ftp://ftp.mozilla.org without having to whitelist *.mozilla.org which would potentially open people to unsanitized content on bugzilla.mozilla.org or other more forum-like mozilla.org sites.

*** Bug 306000 has been marked as a duplicate of this bug. ***