Closed
Bug 1476632
Opened 6 years ago
Closed 6 years ago
Security Review: Layout engine changes for CSS Shapes support
Categories
(Firefox Graveyard :: Security: Review Requests, enhancement)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: cr, Assigned: cr)
Details
(Whiteboard: testing)
This if for tracking the review requirement that came out of the CSS Shapes Risk assessment in bug 1451642.
Assignee | ||
Updated•6 years ago
|
Whiteboard: security review
Comment 1•6 years ago
|
||
Not to self: this is useful reading https://developer.mozilla.org/en-US/docs/Web/CSS/CSS_Shapes/Overview_of_CSS_Shapes
Assignee | ||
Updated•6 years ago
|
Assignee: nobody → cr
What is the planned work here? Is this "test the CSS shapes feature and see if there any overlooked security edge cases" ?
Flags: needinfo?(cr)
Updated•6 years ago
|
Whiteboard: security review → testing
Assignee | ||
Comment 3•6 years ago
|
||
I don't know yet how to approach this in terms of testing.
Flags: needinfo?(cr)
(In reply to Christiane Ruetten [:cr] from comment #3)
> I don't know yet how to approach this in terms of testing.
The question was as much "is there anything we can practically test"? Im not sure there really is - about the only threat I can think of (apart from implementation bugs) is perhaps some kind of cross-origin inference of data based on occlusion or something. But that sounds more like a research project that something we can practically achieve in the short term.
Dropping to prioritse other things.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
Updated•5 years ago
|
Product: Firefox → Firefox Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•