Closed Bug 1029231 Opened 10 years ago Closed 9 years ago

(shumway) Restricted cross-domain data access should trigger SecurityError event, not IOError

Tracking

(Not tracked)

Status:

RESOLVED INCOMPLETE

People

(Reporter: mwobensmith, Assigned: yury)

References

Details

(Whiteboard: [shumway])

Matt Wobensmith [:mwobensmith][:matt:]

Reporter

Description

•

10 years ago

If content on a.com tries to access data on b.com, and the latter site has no permissive crossdomain.xml file, the load should be disallowed and a SecurityError event should be dispatched. Currently, Shumway blocks the load, but produces an IOError event instead.

Matt Wobensmith [:mwobensmith][:matt:]

Reporter

Updated

•

10 years ago

Blocks: 1029228

Matt Wobensmith [:mwobensmith][:matt:]

Reporter

Updated

•

10 years ago

OS: Mac OS X → All

Hardware: x86 → All

Whiteboard: [shumway]

Matt Wobensmith [:mwobensmith][:matt:]

Reporter

Comment 1

•

10 years ago

IOW, we have yet to implement SecurityError, from the looks of it.

Chris Peterson [:cpeterson]

Updated

•

10 years ago

Blocks: shumway-m4

Chris Peterson [:cpeterson]

Comment 2

•

9 years ago

Till recommends that Yury look into these security issues.

Assignee: nobody → ydelendik

Nobody; OK to take it and work on it

Updated

•

9 years ago

Product: Firefox → Firefox Graveyard

Emma Humphries ☕️🎸🧞‍♀️✨ (she/they) [:emceeaich] (Pacific Time) use needinfo

Updated

•

9 years ago

Status: NEW → RESOLVED

Closed: 9 years ago

Resolution: --- → INCOMPLETE

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

(shumway) Restricted cross-domain data access should trigger SecurityError event, not IOError

Categories

(Firefox Graveyard :: Shumway, defect)

Tracking

(Not tracked)

People

(Reporter: mwobensmith, Assigned: yury)

References

Details

(Whiteboard: [shumway])

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Comment 1

Updated

Comment 2

Updated

Updated