Once again, I had the task of locking down Firefox, so users couldn’t use it to do any harm on a terminal server. Thankfully there’s the guide over at the Faculty of Engineering of the University of Waterloo (by David Collie), who shows which parts to modify.
However, finding the particular part in the Javascript is rather hindersome, so here a short Unix-Diff (for thos who’re able to read unified diffs) as well as the whole file.
1 2 3 4 5 6 7 8 9 10 11 12 |
--- browser.orig.js +++ browser.js @@ -3770,6 +3770,9 @@ onLocationChange: function (aWebProgress, aRequest, aLocationURI) { var location = aLocationURI ? aLocationURI.spec : ""; + if (location.match(/^file:/) || location.match(/^//) || location.match(/^resource:/) || (!location.match(/^about:blank/) && location.match(/^about:/))) { + loadURI("about:blank"); + } this._hostChanged = true; if (document.tooltipNode) { |
And here is the whole file: browser.js
This method however has three disadvantages:
- Display of local HTML files is disabled
- You need to replace the chrome/browser.jar each time, you update your Firefox
- It doesn’t work with Firefox 4!