Closed Bug 1214639 Opened 9 years ago Closed 7 years ago

Unsafe innerHTML/outerHTML/insertAdjacentHTML usage in gaia::tv::system

Categories

(Firefox OS Graveyard :: Gaia::TV::System, defect)

ARM
Gonk (Firefox OS)
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED WONTFIX

People

(Reporter: freddy, Unassigned)

References

Details

(Keywords: sec-want, wsec-xss)

Please see the hints in bug 1211384 about fixing these kinds of problems.
The Firefox OS Security team is there to help you with any kind of question that you may have. You can reach out by setting the needinfo or sec-review flag to fxos@security.bugs

Unsafe call to insertAdjacentHTML:
In smart-system/js/activity_window.js, line 215, column 5:
> this.containerElement.insertAdjacentHTML('beforeend', this.view());
In smart-system/js/app_chrome.js, line 485, column 5:
> this.app.element.insertAdjacentHTML('afterbegin', view);
In smart-system/js/app_chrome.js, line 668, column 9:
> this.app.element.insertAdjacentHTML('afterbegin',
In smart-system/js/attention_indicator.js, line 28, column 7:
> this.containerElement.insertAdjacentHTML('beforeend', this.view());
In smart-system/js/attention_window.js, line 114, column 5:
> this.containerElement.insertAdjacentHTML('beforeend', this.view());
In smart-system/js/base_ui.js, line 28, column 5:
> this.containerElement.insertAdjacentHTML('afterbegin', this.view());
In smart-system/js/entry_sheet.js, line 61, column 5:
> this.container.insertAdjacentHTML('beforeend', view.apply(this));
In smart-system/js/system_dialog.js, line 139, column 5:
> this.containerElement.insertAdjacentHTML('beforeend', this.view());
In smart-system/js/value_selector/value_selector.js, line 126, column 7:
> this.containerElement.insertAdjacentHTML('beforeend', this.view());
In smart-system/js/value_selector/value_selector.js, line 398, column 9:
> this.elements.optionsContainer.insertAdjacentHTML('beforeend',
In smart-system/js/value_selector/value_selector.js, line 403, column 9:
> this.elements.optionsContainer.insertAdjacentHTML('beforeend',

Unsafe assignment to innerHTML:
In smart-system/fxa/js/fxam_error_overlay.js, line 39, column 7:
> this.fxaErrorMsg.innerHTML = messageL10n.html;
In smart-system/fxa/js/fxam_errors.js, line 77, column 7:
> template.innerHTML = `<a id="coppa-link" href="#">${learnMore}</a>`;
In smart-system/fxa/js/screens/fxam_enter_email.js, line 77, column 5:
> this.fxaNotice.innerHTML = tosPnReplaced;
In smart-system/fxa/js/screens/fxam_enter_password.js, line 131, column 5:
> this.fxaHelloKnownUser.innerHTML = helloUserText;
In smart-system/fxa/js/screens/fxam_set_password.js, line 94, column 5:
> this.fxaHelloUser.innerHTML = helloUserText;
In smart-system/fxa/js/screens/fxam_signup_success.js, line 26, column 5:
> this.fxaWillSendEmail.innerHTML = willSendText;
In smart-system/js/app_install_manager.js, line 378, column 5:
> this.imeList.innerHTML = listHtml;
In smart-system/js/ime_menu.js, line 38, column 7:
> dummy.innerHTML = Template('ime-menu-template').interpolate({
In smart-system/js/ime_menu.js, line 91, column 9:
> this.menu.innerHTML += itemTemplate.interpolate({
In smart-system/js/modal_dialog.js, line 377, column 5:
> elements.selectOneMenu.innerHTML = itemsHTML;
In smart-system/js/permission_manager.js, line 544, column 9:
> item_li.innerHTML = template.interpolate({
In smart-system/js/ttlview.js, line 133, column 7:
> this.element.innerHTML = time + ' [' + type + ']';
Summary: Unsafe innerHTML/outerHTML/insertAdjacentHTML usage in gaia::tv → Unsafe innerHTML/outerHTML/insertAdjacentHTML usage in gaia::tv::system
I will stop tracking the bugs and this bug is unassigned. Closing WONTFIX.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.