Intercept e-mail URL exploits in Firefox or Flock!

[tweak.firefox] Intercept e-mail URL exploits
On the Internet you may come across mailto:/ links. These links automatically start up your standard e-mail program when you (would) link to it. However these mailto:/ link could have security leaks so whatever command can be executed (eg. a format of C: disk in dos!). In Firefox here exists an option that makes you a bit more secure against these potential dangerous mailto:/ links.
In the address bar you now give in: “about:config” (without “”)
Then you look in filter for “warn-external”, and then with the other side of the mouse you click “network.protocol-handler.warn-external.mailto” and click to change the value would become to read true. In this case you will get a warning with the full URL and you can cancel the dangerous command in time. You could follow a similar procedure for “network.protocol-handler.warn-external.news” so usenet programs are not started by default with a possibly dangerous command,

polonus

btw these attached screenshots appear for me to be just mini previews …

please use e.g. imageshack and IMG links …

Hi Dwarden,

Here you go, click for enlargment,

pol

Hi polonus,
You seem to have another preference name there, network.protocol-handler.warn-external.file value = false.
That preference name it isn’t in FF 2.0.0.14 is this a new value in a later beta version ?

I would have though that you would have set that to True also as running an external file would seem to pose a greater risk ?