Closed Bug 1472221 Opened 6 years ago Closed 6 years ago

Ensure that privileged content process never loads untrusted inputs

Tracking

()

Status:

RESOLVED WONTFIX

People

(Reporter: imjching, Unassigned)

References

Details

Jay Lim [:imjching]

Reporter

Description

•

6 years ago

At the moment, the privileged content process behaves just like web content processes. We should find a way to ensure that the privileged content process never loads untrusted input (pages, scripts).

We have not decided what kind of privileged access do we want to give the privileged content process yet, but we should probably add this restriction first before doing that.

Kate Hudson :k88hudson

Comment 1

•

6 years ago

Are you planning on working on this or do you need help from someone with this Jay?

Flags: needinfo?(jlim)

Jay Lim [:imjching]

Reporter

Comment 2

•

6 years ago

After discussing with :mconley, we think that this will be a NOFIX. We don't plan to give this content process more privileges, and therefore, we do not need to add this restriction. See Bug 1473146.

Flags: needinfo?(jlim)

Mike Conley (:mconley) (:⚙️)

Updated

•

6 years ago

Status: NEW → RESOLVED

Closed: 6 years ago

Resolution: --- → WONTFIX

Nobody; OK to take it and work on it

Assignee

Updated

•

5 years ago

Component: Activity Streams: Newtab → New Tab Page

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Ensure that privileged content process never loads untrusted inputs

Categories

(Firefox :: New Tab Page, enhancement)

Tracking

()

People

(Reporter: imjching, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Comment 1

Comment 2

Updated

Updated