Closed
Bug 283103
Opened 19 years ago
Closed 19 years ago
security and download dialogs can be spoofed by covering them partially using popup windows
Categories
(SeaMonkey :: General, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: dveditz, Assigned: dveditz)
References
(Blocks 1 open bug, )
Details
(Keywords: fixed1.7.6)
Attachments
(1 file)
|
5.75 KB,
patch
|
caillon
:
review+
neil
:
superreview+
caillon
:
approval1.7.6+
|
Details | Diff | Splinter Review |
This is the Suite version of "firespoofing" bug 260560.
|
Assignee | |
Comment 1•19 years ago
|
||
when porting the fixes from bug 260560 watch out for regression 282872
Flags: blocking1.7.6+
|
|
Assignee | |
Updated•19 years ago
|
Flags: blocking1.8b2?
|
||
Comment 2•19 years ago
|
||
Ping. Time running out for 1.7.6, but we really need this fix. Dveditz, if you don't have time to do this work, feel free to assign to me.
|
|
Assignee | |
Comment 3•19 years ago
|
||
This patch ports the fixes from Firefox bug 260560 (including regression fix bug 282872), plus the always-on status bar from bug 22183 that will prevent similar spoofing in any other dialogs we haven't explicitly fixed with this patch.
|
|
Assignee | |
Updated•19 years ago
|
Attachment #176979 -
Flags: superreview?(neil.parkwaycc.co.uk)
Attachment #176979 -
Flags: review?(caillon)
Attachment #176979 -
Flags: approval1.7.6?
|
|
||
Comment 4•19 years ago
|
||
Comment on attachment 176979 [details] [diff] [review] Port fix from 260560/282872 to the suite 1.7 branch Looks good. r=me assuming you've tested it.
|
|
||
Updated•19 years ago
|
Attachment #176979 -
Flags: review?(caillon) → review+
|
||
Comment 5•19 years ago
|
||
Comment on attachment 176979 [details] [diff] [review] Port fix from 260560/282872 to the suite 1.7 branch >+ var script = "document.documentElement.getButton('accept').disabled = false; "; >+ script += "document.documentElement.getButton('extra1').disabled = false; "; >+ script += "document.documentElement.getButton('extra2').disabled = false;"; >+ setTimeout(script, 250); This sure looks ugly, but it'll do for the branch. >+ this._timer.initWithCallback(this, 250, nsITimer.TYPE_ONE_SHOT); You've got a leak here; the timer holds a reference to this and this holds a reference to the timer. You'll need to null out your _timer reference in notify(). (In theory you could replace _delayExpired with !_timer). sr=me for the branch with this fixed.
Attachment #176979 -
Flags: superreview?(neil.parkwaycc.co.uk) → superreview+
|
|
||
Comment 6•19 years ago
|
||
Comment on attachment 176979 [details] [diff] [review] Port fix from 260560/282872 to the suite 1.7 branch a=caillon for 1.7.6 with Neil's changes.
Attachment #176979 -
Flags: approval1.7.6? → approval1.7.6+
|
|
Assignee | |
Comment 7•19 years ago
|
||
Fix checked in to trunk and 1.7 branch
Blocks: 285819
Bug 295447 explains why this is still a problem on GTK2 build.
You need to log in
before you can comment on or make changes to this bug.
Description
•