User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:11.0) Gecko/20100101 Firefox/11.0 Build ID: 20120410121533 Steps to reproduce: Facebook, among other sites, put regular links on the page, (and without overriding the status bar away from showing the href of the link) but then attach onmousedown() handlers to rewrite the links when users click on them to bounce through themselves. There is nothing to prevent this link from being rewritten to going anywhere, including arbitrary 3rd-party sites, much to the users confusion. Sure, web sites can already take the user anywhere with javascript. (isn't there a about:config to disallow this?) but I just think that this confuses users. Perhaps if the website is overriding the status bar message, then they can be allowed to change this, I don't know. What are the other use cases do we have to think about? Perhaps just the href will be immutable to the javascript run from the handler? It seems like I can bypass sme of these handlers by simply middle-clicking on the link to open in a new tab, which i end up doing almost exclusively. Once you tell the user that this link is going somewhere, allowing it to go somewhere else seems really bad.

sry about that, i did try to look for duplicates before i filed this