On 03/02/2012 16:58, Brian Smith wrote:
>> From
>>
https://wiki.mozilla.org/Privacy/Reviews/OpenSearch#Identity_transmission:
>
>>
> "Since this feature only transmits the selected text (or entered text
> for global search), and since no cookies are transmitted with search
> queries, this risk is minimal and limited to severe accidental misuse
> of the feature."
>
> 1. Don't we send cookies with searches out of the Firefox search box?
> Why should Thunderbird behave differently?
I'm not sure exactly what this is/what you're describing here.
> 2. Shouldn't Thunderbird be doing these searches in the user's
> default web browser, specifically so that the user's cookie store and
> other browser settings/features (including privacy-protecting
> settings, features, and addons) can be used?
Thunderbird uses the gecko cookie store and has the relevant preferences
UI. Some add-ons, e.g. noscript are already available for Thunderbird.
We want to do search within Thunderbird to reduce application level
context switching whilst reading emamil.
> 3. In particular, without cookies, Thunderbird won't be able to do
> HTTPS-protected Google searches, right? (Yesterday, the networking
> team was just discussing how we could do the redirect from HTTP to
> HTTPS Google locally. We were thinking of doing so for performance
> reasons, but obviously it has positive privacy implications too. But,
> it won't work without the user's cookies, at least according to
> Google's current policy.)
See above.
Mark.