Open Bug 1445198 Opened 6 years ago Updated 2 years ago

Review panel usage spoofing in Firefox

Tracking

()

Status:

NEW

People

(Reporter: jkt, Unassigned)

References

(Depends on 1 open bug)

Details

(Keywords: csectype-spoof, sec-audit)

Jonathan Kingston [:jkt] he/him

Reporter

Description

•

6 years ago

As a follow up from Bug 1294413 we should review the spoofing of other panels within Firefox.

- It looks like others could be susceptible to moving outside of the content area.
- It looks like the common code could be shared across at least DateTimePicker and FormValidationHandler but it might be usable across more (both of these files have almost identical solutions to the same problems)
- It looks like some of this code might take advantages of being embedded into a component in the C++ panel code.
- It looks like text zooming, scaling and minifying windows are handled differently per panel also

Daniel Veditz [:dveditz]

Updated

•

6 years ago

Keywords: csectype-spoof, sec-audit

Matthew N. [:MattN]

Updated

•

5 years ago

Updated

•

2 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Review panel usage spoofing in Firefox

Categories

(Firefox :: Security, enhancement, P2)

Tracking

()

People

(Reporter: jkt, Unassigned)

References

(Depends on 1 open bug)

Details

(Keywords: csectype-spoof, sec-audit)

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated