discussion: revisit dom.event.contextmenu.enable about user.js HOT 10 CLOSED

I have already mentioned this one one. Personaly I have set it to true, since it breaks functionality on some context menu richer pages I am using, for example (Outlook Web Access for Email).
If this is set to false, then I can't get the email actions context menu like reply, reply to all, mark as read, etc...
In case I would like to get the standard FF context menu on those pages, I can still right-click anywhere on the page where contextmenu event is not bind on.

But I am still unsure about privacy/security concerns when set to true.

from user.js.

I rarely find sites that use it: I stumbled on a page with an exploit code, which the author didn't want to be copied. Same applies to images. It's not a user security concern.

from user.js.

IF there are no security (and privacy) concerns, then should this be moved to the personal section?

I don't think so. It's under UI Meddling and that's exactly what it does. Back in the day, some sites tried to use it in a futile attempt to prevent looking at the source code and as @Atavic said, in some cases as a really stupid attempt to try and prevent users from saving images. idk if someone nowadays still thinks this shit flies. I don't mind though if you want to comment it out by default and let the end-users decide. I'm also not aware of any privacy/security issues this has, but UI Meddling is still what this does and where it fits, IMO.

from user.js.

Not sure for tumbs up/down.
Does it mean?
Thumbs up = dom.event.contextmenu.enable = false
Thumbs down = dom.event.contextmenu.enable = true
Or vice versa?

from user.js.

I was considering removing it altogether from my prefs.js because it breaks youtube right click.

from user.js.

For what it's worth I have this pref commented out:

• It breaks right-click functionality in some web applications (including my tt-rss instance)
• There is no known way to abuse this (or is there?) and I can't think of any (disguise as a normal browser right-click menu, and then do... what?)

Git blame on this pref on pyllyuko's repo shows no relevant commit message/explanations. It was first introduced as false pyllyukko/user.js@a366678, then commented out pyllyukko/user.js@736d36e. I intend to leave it commented out, in the UI-related section, which is the right section.

from user.js.

thumbs down = we move 2201 to the 3200s personal section and renumber it

The ratio pertinence/bother (be it on few but important sites) is too low to change dom.event.contextmenu.enable from default=true to false.

from user.js.

Most commenters seem to want the default changed and don't care which section its under.
IMO we should disregard the votes, keep it in UI Meddling but comment it out.
We can still keep it enabled in our own local versions

from user.js.

True, @Thorin-Oakenpants , I should have pointed out that I was referring to the default value rather than its section. It should be commented out IMO, and it's even surprising it isn't considering that all settings which present a flagrant pro/con are, as far as I know the list and I know it quite well. True also that I don't use sections but rather my own grouping methodology which has at least the advantage of obliging me to understand a setting and its implications before adding it -- commented out or not -- to my own user.js file.

Adding this : if all settings were commented out users would have to think twice, would need to know what they are allowing/forbidding before commenting in or not, and take full responsibility of their decisions. Some just copy the user.js file in their profile, blindly, and then start complaining because they don't get a feature any more....

from user.js.

Adding this : if all settings were commented out users would have to think twice, would need to know what they are allowing/forbidding before commenting in or not, and take full responsibility of their decisions. Some just copy the user.js file in their profile, blindly, and then start complaining because they don't get a feature any more....

very interesting! I wouldn't even be totally against it, but I still see why it would be problematic even if we would decide to go that route.

• if someone who just blindly puts it in his/her profile without even glancing over it (to realize that it does absolutely nothing by default), it would give them a wrong feeling of protection.
• the kind of people who just blindly put a user.js in the profile BUT DO glance over it, they would just delete it and go find another user.js to blindly put into their profile. And they would most likely also be the kind of person who goes to reddit and bitches about what a stupid user.js the ghacks-version is and that we are all elitist assholes and maybe even terrorists or worse.

Not that I give a single shit about those kinds of persons opinions, but I for one also appreciated the pre-selection (active prefs and commented prefs) that Pants put in the file, when I first started using it.

TLDR: it wouldn't change anything for the people who use it blindly and it would make it harder for people like you and me when they first find this user.js and want to start using it.

from user.js.