Open Bug 1445198 Opened 6 years ago Updated 2 years ago

Review panel usage spoofing in Firefox


(Firefox :: Security, enhancement, P2)





(Reporter: jkt, Unassigned)


(Depends on 1 open bug)


(Keywords: csectype-spoof, sec-audit)

As a follow up from Bug 1294413 we should review the spoofing of other panels within Firefox.

- It looks like others could be susceptible to moving outside of the content area.
- It looks like the common code could be shared across at least DateTimePicker and FormValidationHandler but it might be usable across more (both of these files have almost identical solutions to the same problems)
- It looks like some of this code might take advantages of being embedded into a component in the C++ panel code.
- It looks like text zooming, scaling and minifying windows are handled differently per panel also
See Also: → 643758
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.