Open
Bug 1166891
Opened 9 years ago
Updated 2 years ago
Allow specifying a principal on XUL image elements and use that principal to do the image load (and maybe also a referrer policy?)
Categories
(Core :: XUL, defect, P5)
Core
XUL
Tracking
()
NEW
| Tracking | Status | |
|---|---|---|
| firefox41 | --- | affected |
People
(Reporter: Gijs, Unassigned)
References
Details
+++ This bug was initially created as a clone of Bug #1119386 +++ In order to do proper security checks when loading images in a xul:image element, we need to know what principal initiated their load. Right now all we have is the node principal, which is the XUL node, which will (at least in Firefox) always have the system principal. It'd be good if we supported a way for JS to fixing the principal to something else (less privileged) so that layout can use that to do the load. The code that does the load seems to be here: http://hg.mozilla.org/mozilla-central/annotate/8d8df22fe72d/layout/xul/nsImageBoxFrame.cpp#l208 , and looking at it, it seems like we might also need to get the right referrer policy? Seth, can you clarify? Is my understanding correct that this code is only used for XUL-based image loads?
Flags: needinfo?(seth)
|
||
Comment 1•9 years ago
|
||
(In reply to :Gijs Kruitbosch from comment #0) > Is my > understanding correct that this code is only used for XUL-based image loads? Yep, that's correct. Unfortunately I can't help much more than that, as I have little experience with the security side of things.
Flags: needinfo?(seth)
|
||
Updated•8 years ago
|
Priority: -- → P5
|
||
Updated•8 years ago
|
|
||
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•