"Firefox will do the same if it's configured that.Is this the default behavior with Safari?" yes it's a default setting . "I don't see that this is a bug. Could you explain a little more fully?" well configured like this by default,it's a security hole . it's a perfect hole for a virus, trojan, etc. you can send any malicous files to a remote desktop via a malicious website or even a XSS , like an executable with a "my computer" icon ( for exemple .. )
