John Resig (of jQuery fame, now a Mozilla Corp. employee) lets us know that JSON leakage through Array constructor redefinition, one form of so called AJAX-hijacking working on Opera, Safari and Firefox, is going to be impossible on Firefox 3.
Starting with next Beta 2, in facts, most built-in global constructors (
) will be constant: override attempts will raise an error.
This is obviously an incompatible change, even though the “broken” functionality shouldn’t be something you rely upon in your everyday web application.
Anyway, if you find any regression, this is currently tracked under Bug 376957.