Comment 113 for bug 239826

In , Johnath (johnath) wrote:

(In reply to comment #88)
> I guess the next question is why view source is doing anything at all; surely
> it shouldn't be formatting or parsing anything. It should just be a raw dump of
> the HTML, not some beautified representation of what the HTML might have looked
> like in an ideal world.

Your "surely" there goes too far. We could secure the entire avenue of attack by just removing view source altogether, but that would be over-restrictive because we believe that view source provides a function which is valuable to our users and aligned with our mission. Indeed, the ability to view the source of a web page is central to its openness. For similar reasons, we hold ourselves to a higher standard in terms of the quality of that experience than "straight dump of bytes" - you can have that with Wireshark if you want, and skip the "ignore this warning" step completely. Our view source is linkified, syntax highlighted, and supports text- and position-searching because those make it a more effective tool. People who click through the (double!) warnings to view the source are, implicitly, signing up for a marginal increase in risk by doing so. We're not going to remove the functionality in order to mitigate that, though.