Open Bug 1367038 Opened 7 years ago Updated 2 years ago

contentAreaDropListener should not fall back to using the systemPrincipal if mozSourceNode is not available on datatransfer

Tracking

()

Status:

NEW

People

(Reporter: ckerschb, Unassigned)

References

Details

(Whiteboard: [domsecurity-backlog1])

Christoph Kerschbaumer [:ckerschb]

Reporter

Description

•

7 years ago

See [1] for details:

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=1363977#c13

Christoph Kerschbaumer [:ckerschb]

Reporter

Updated

•

7 years ago

Blocks: 1363977

Priority: -- → P3

Whiteboard: [domsecurity-backlog1]

Christoph Kerschbaumer [:ckerschb]

Reporter

Updated

•

7 years ago

No longer blocks: 1363977

Christoph Kerschbaumer [:ckerschb]

Reporter

Updated

•

7 years ago

Blocks: 1363977

Jonathan Kingston [:jkt] he/him

Comment 1

•

6 years ago

This appears to have moved to: https://searchfox.org/mozilla-central/rev/403038737ba75af3842ba6b43b6e2fb47eb06609/dom/base/contentAreaDropListener.js#181

Depends on: CVE-2018-5181

Summary: LoadTabs within tabbrowser.xml should not fall back to using the systemPrincipal if mozSourceNode is not available on datatransfer → contentAreaDropListener should not fall back to using the systemPrincipal if mozSourceNode is not available on datatransfer

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

contentAreaDropListener should not fall back to using the systemPrincipal if mozSourceNode is not available on datatransfer

Categories

(Core :: DOM: Security, defect, P3)

Tracking

()

People

(Reporter: ckerschb, Unassigned)

References

Details

(Whiteboard: [domsecurity-backlog1])

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated

Comment 1

Updated