Closed
Bug 386036
Opened 17 years ago
Closed 11 years ago
user assisted js execution in editor
Categories
(Thunderbird :: General, defect)
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: guninski, Unassigned)
Details
(Keywords: qawanted, sec-low, Whiteboard: 1.8 branch [sg:low?])
Attachments
(1 file)
845 bytes,
message/rfc822
|
Details |
if a user double clicks on an image with js uri in editor js is executed: Error: uncaught exception: Permission denied to get property UnnamedClass.classes Source File: chrome://editor/content/EdImageOverlay.js Line: 381 javascript is executed in the sandbox. trunk doesn't execute js and gives error "can't find principal"
Updated•17 years ago
|
Whiteboard: 1.8 branch
Reporter | ||
Comment 1•17 years ago
|
||
trunk seems safe, js is executed in 2.0 probably [sg:low?]
Whiteboard: 1.8 branch → 1.8 branch [sg:low?]
Comment 2•12 years ago
|
||
Ludovic: I can't reproduce this in 11.0b4. Can you try it on 2.0, 3.1.x and something recent and see if you can confirm as well?
Keywords: qawanted
Updated•12 years ago
|
Attachment #270001 -
Attachment mime type: application/octet-stream → message/rfc822
Comment 3•12 years ago
|
||
I've just tried 2.0.0.24 and couldn't even click on the test case.
Comment 4•11 years ago
|
||
Resolving as incomplete, as we never found the reproduction point for this, and from comment 1, it looks like it may have only ever affected the 2.0 branch anyway.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → INCOMPLETE
Updated•10 years ago
|
Group: core-security
You need to log in
before you can comment on or make changes to this bug.
Description
•