Security/Reviews/FileSaver

Items Reviewed

File Saver - bug 648998

Spamming the user to death with dialogs (UX DoS)
- will implement "never show this alert again" feature -- remembered only for the current window

Bypasses firewall protections for automatic/prompted downloads
- Proposed solution is (see below) to add a pref for disabling this feature
uses same API as download manager & gets mark of the web and virus-scanned<-- should be tested
hooks for extensions?
can downloaded file have executable bit set or executables be saved with exec-able extensions?
- need to ensure that these have same policies applied as regular downloads (no run button)
Does page keep access to file after it is saved? (No, it's just saved and then "hands off, page, you're done.")
truncate() concerns
- this is part of FileWriter which is a different feature
- create file call truncate, file gets extended
- no, this spec item is not on the list to be implemented

Add pref for disabling feature (esp. for other Gecko-based products who don't want to allow it)
- Ensure that disabling the feature also disables feature-detecting webpages. I.e. interface object needs to be gone
Add tests to ensure that files downloaded through this feature go through virus-scanner hooks/ dowload mgr API
- and get mark of the web
Verify and add test to ensure that executable files saved via this feature result in user being presented with same UX as regular downloaded files (e.g., no run button, just save button).