Open Bug 1390740 Opened 7 years ago Updated 2 years ago

No safe warning or sandbox when load an add-on from about:debugging#addons

Tracking

(Not tracked)

Status:

NEW

People

(Reporter: yfdyh000, Unassigned)

References

(Depends on 1 open bug)

Details

(Keywords: csectype-other, dupeme)

YF (Yang)

Reporter

Description

•

7 years ago

I was surprised that it was still not being added any warnings or restrictions.

Assuming an article guides users to open this page and load an add-on to achieve a goal, the add-on may do a lot of things, like sending, tamper or deletes the user's history, bookmarks, and so on.

Scratchpad and Web Console have related warnings, but here is not yet.

Julian Descottes [:jdescottes]

Comment 1

•

7 years ago

Blocking this on dt-onboarding. The onboarding flow should be enough to prevent accidental/malicious usage of devtools.

Status: UNCONFIRMED → NEW

Depends on: dt-onboarding

Ever confirmed: true

Priority: -- → P3

BMO Automation

Updated

•

6 years ago

Product: Firefox → DevTools

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

No safe warning or sandbox when load an add-on from about:debugging#addons

Categories

(DevTools :: about:debugging, enhancement, P3)

Tracking

(Not tracked)

People

(Reporter: yfdyh000, Unassigned)

References

(Depends on 1 open bug)

Details

(Keywords: csectype-other, dupeme)

Crash Data

Security

(public)

User Story

Description

Comment 1

Updated

Updated