This meta-bug tracks the implementation of an asynchronous JavaScript API for downloads, according to the draft specification linked by this bug's URL field.

How will users do downloads if they have been advised to disable JavaScript because of a security vulnerability? It might be necessary to download a patch or new version of a Mozilla application to eliminate that vulnerability.

(In reply to David E. Ross from comment #2) > How will users do downloads if they have been advised to disable JavaScript > because of a security vulnerability? It might be necessary to download a > patch or new version of a Mozilla application to eliminate that > vulnerability. This has nothing to do with JavaScript on websites, this is about JavaScript as used by the user interface. Firefox, Thunderbird and SeaMonkey UI is based on XUL and JavaScript, you can't turn it off there anyhow. And websites don't have access to this API.

(In reply to Robert Kaiser (don't count on reactions on anything) from comment #3) > > This has nothing to do with JavaScript on websites, this is about JavaScript > as used by the user interface. Firefox, Thunderbird and SeaMonkey UI is > based on XUL and JavaScript, you can't turn it off there anyhow. And > websites don't have access to this API. Today, I encountered an extension that is compatible with Firefox, Thunderbird, and SeaMonkey. That extension uses JavaScript. If a user disables JavaScript, that extension is broken. Can extensions use the API to avoid that problem? If so, how is that documented for extension developers? Yes, this is likely off-topic. However, this seems to be the only venue where this question can be asked of knowledgeable persons.