Closed
Bug 1498560
Opened 6 years ago
Closed 6 years ago
Remove new Function from autocomplete.xml
Categories
(Core :: DOM: Security, enhancement, P3)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
mozilla70
| Tracking | Status | |
|---|---|---|
| firefox70 | --- | fixed |
People
(Reporter: vinoth, Assigned: jallmann)
References
(Blocks 1 open bug)
Details
(Whiteboard: [domsecurity-backlog1])
Attachments
(1 file)
Eval(), new Function() should never execute with system principal.It is being removed everywhere from our codebase as part of Bug 1473549.
The affected code which should be rewritten,
https://dxr.mozilla.org/mozilla-central/rev/c291143e24019097d087f9307e59b49facaf90cb/toolkit/content/widgets/autocomplete.xml#415
|
Reporter | |
Updated•6 years ago
|
Component: Autocomplete → DOM: Security
Product: Toolkit → Core
|
||
Updated•6 years ago
|
Whiteboard: [domsecurity-backlog1]
|
Assignee | |
Updated•6 years ago
|
Assignee: nobody → jallmann
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 1•6 years ago
|
||
|
||
Updated•6 years ago
|
Attachment #9078085 -
Attachment description: Bug 1498560 - Remove `new Function` from autocomplete.xml, r=gijs → Bug 1498560 - Remove `new Function` from autocomplete.xml, r=mak
|
|
Assignee | |
Updated•6 years ago
|
Keywords: checkin-needed
Pushed by apavel@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/dc7cc0b7c0df
Remove new Function from autocomplete.xml, r=mak
Keywords: checkin-needed
|
||
Comment 3•6 years ago
|
||
| bugherder | ||
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
status-firefox70:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla70
You need to log in
before you can comment on or make changes to this bug.
Description
•