Open
Bug 1367038
Opened 7 years ago
Updated 2 years ago
contentAreaDropListener should not fall back to using the systemPrincipal if mozSourceNode is not available on datatransfer
Categories
(Core :: DOM: Security, defect, P3)
Core
DOM: Security
Tracking
()
NEW
People
(Reporter: ckerschb, Unassigned)
References
Details
(Whiteboard: [domsecurity-backlog1])
See [1] for details: [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1363977#c13
Reporter | ||
Updated•7 years ago
|
Comment 1•6 years ago
|
||
This appears to have moved to: https://searchfox.org/mozilla-central/rev/403038737ba75af3842ba6b43b6e2fb47eb06609/dom/base/contentAreaDropListener.js#181
Depends on: CVE-2018-5181
Summary: LoadTabs within tabbrowser.xml should not fall back to using the systemPrincipal if mozSourceNode is not available on datatransfer → contentAreaDropListener should not fall back to using the systemPrincipal if mozSourceNode is not available on datatransfer
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•