I think we can consider this a bug in the firefox plugin. The question is how to fix it. Previously, changes that break backwards compatibility were handled this way:
1. Introduce the fix
2. Provide a means for users to bypass the fix so their passwords aren't incorrectly generated when they upgrade to the latest version. You can see the legacy of this in the multiple versions of MD-5 offered as a hashing algorithm.
We can either go that route now, or take the riskier (but faster and cleaner) route of doing #1 without #2.
Thoughts?
How many people do we really think bother to check "Port, path, anchor, query parameters"?
eric