Closed Bug 1029231 Opened 10 years ago Closed 8 years ago

(shumway) Restricted cross-domain data access should trigger SecurityError event, not IOError

Categories

(Firefox Graveyard :: Shumway, defect)

32 Branch
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED INCOMPLETE

People

(Reporter: mwobensmith, Assigned: yury)

References

Details

(Whiteboard: [shumway])

If content on a.com tries to access data on b.com, and the latter site has no permissive crossdomain.xml file, the load should be disallowed and a SecurityError event should be dispatched.

Currently, Shumway blocks the load, but produces an IOError event instead.
Blocks: 1029228
OS: Mac OS X → All
Hardware: x86 → All
Whiteboard: [shumway]
IOW, we have yet to implement SecurityError, from the looks of it.
Till recommends that Yury look into these security issues.
Assignee: nobody → ydelendik
Product: Firefox → Firefox Graveyard
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.