Closed Bug 1195555 Opened 5 years ago Closed 1 year ago
Potential security issues with "Save Link As"
I'm filing this bug as a follow-up from bug 1136055. Relevant comments:

https://bugzilla.mozilla.org/show_bug.cgi?id=1136055#c47
https://bugzilla.mozilla.org/show_bug.cgi?id=1136055#c57

Potential issues:

> * should save link as go through any security checks? Should we be calling
> the Content Policy API?
> * should we be passing the doc principal or system principal to loadInfo.
> * save-link-as and urlSecurityCheck

save-link-as goes through urlSecurityCheck. But if save-link-as goes through a redirect, urlSecurityCheck won't get called on it and we could potentially let something through we shouldn't. Gijs and I both tried testing this and have thankfully had no luck. But it's something to look closer at.

When we move security checks, we should set appropriate flags on LoadInfo to make sure a redirect goes through the same security checks that the original link went through for save-link-as.

https://people.mozilla.org/~tvyas/https_302_chrome.html
Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → WORKSFORME
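
The concern in the report, a check that runs on the clicked link but not on its redirect target, can be modelled in a few lines. This is an added example, not Firefox code and not part of the bug report: `isLoadAllowed`, `resolveForSave`, the scheme allow-list and the redirect table are hypothetical stand-ins, and the URLs are constructed.

```javascript
// Model only: every name here is hypothetical, not a Firefox internal.
// Constructed redirect table: an https page that answers 302 with a chrome: URL,
// and an ordinary https-to-https redirect for comparison.
const REDIRECTS = new Map([
  ["https://example.test/https_302_chrome.html", "chrome://example/content/target.xul"],
  ["https://example.test/moved", "https://example.test/file.zip"],
]);

// Stand-in for the check applied to a link supplied by web content (assumed allow-list).
const ALLOWED_SCHEMES = new Set(["http:", "https:", "ftp:"]);
function isLoadAllowed(url) {
  try {
    return ALLOWED_SCHEMES.has(new URL(url).protocol);
  } catch {
    return false; // unparsable URLs are rejected
  }
}

// Follow the redirect chain for a save request.
// checkEveryHop=false: only the clicked link is checked (the behaviour the report worries about).
// checkEveryHop=true: each redirect target gets the same check as the original link.
function resolveForSave(startUrl, { checkEveryHop, maxHops = 5 }) {
  if (!isLoadAllowed(startUrl)) {
    return { ok: false, blockedAt: startUrl, hops: [] };
  }
  const hops = [startUrl];
  let current = startUrl;
  while (REDIRECTS.has(current)) {
    if (hops.length > maxHops) {
      return { ok: false, blockedAt: current, hops, reason: "too many redirects" };
    }
    const next = REDIRECTS.get(current);
    if (checkEveryHop && !isLoadAllowed(next)) {
      return { ok: false, blockedAt: next, hops };
    }
    hops.push(next);
    current = next;
  }
  return { ok: true, finalUrl: current, hops };
}
```
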