Closed Bug 1498572 Opened 6 years ago Closed 6 years ago

Remove eval from harness.xul

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla65

Tracking Flags:

Tracking

Status

firefox65

---

fixed

People

(Reporter: vinoth, Assigned: vinoth)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-backlog1])

Attachments

(1 file)

Bug 1498572 - Remove eval from harness.xul 6 years ago Vinothkumar Nagasayanan [:vinoth] 46 bytes, text/x-phabricator-request	ckerschb : review+	Details \| Review

Vinothkumar Nagasayanan [:vinoth]

Assignee

Description

•

6 years ago

Eval(), new Function() should never execute with system principal.It is being removed everywhere from our codebase as part of Bug 1473549. The affected code which should be rewritten, https://dxr.mozilla.org/mozilla-central/rev/c291143e24019097d087f9307e59b49facaf90cb/testing/mochitest/harness.xul#51

Vinothkumar Nagasayanan [:vinoth]

Assignee

Updated

•

6 years ago

Component: Mochitest → DOM: Security

Product: Testing → Core

Version: Version 3 → unspecified

Christoph Kerschbaumer [:ckerschb]

Updated

•

6 years ago

Whiteboard: [domsecurity-backlog1]

Vinothkumar Nagasayanan [:vinoth]

Assignee

Comment 1

•

6 years ago

Attached file Bug 1498572 - Remove eval from harness.xul — Details

Vinothkumar Nagasayanan [:vinoth]

Assignee

Updated

•

6 years ago

Assignee: nobody → cegvinoth

Vinothkumar Nagasayanan [:vinoth]

Assignee

Comment 2

•

6 years ago

Comment on attachment 9019020 [details] Bug 1498572 - Remove eval from harness.xul Please kindly review the patch and let me know if changes are needed. Corresponding TRY push for this patch is, https://treeherder.mozilla.org/#/jobs?repo=try&revision=471f14cb23e9edd966f120928ff61f422b7df11a&selectedJob=206979515

Attachment #9019020 - Flags: review?(ckerschb)

Christoph Kerschbaumer [:ckerschb]

Comment 3

•

6 years ago

Comment on attachment 9019020 [details] Bug 1498572 - Remove eval from harness.xul As mentioned in Phabricator, if that works I am fine with it. thanks!

Attachment #9019020 - Flags: review?(ckerschb) → review+

Vinothkumar Nagasayanan [:vinoth]

Assignee

Updated

•

6 years ago

Keywords: checkin-needed

Pulsebot

Comment 4

•

6 years ago

Pushed by ebalazs@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/6615d7dcdec1 Remove eval from harness.xul r=ckerschb

Keywords: checkin-needed

Cosmin Sabou [:CosminS]

Comment 5

•

6 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/6615d7dcdec1

Status: NEW → RESOLVED

Closed: 6 years ago

status-firefox65: --- → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla65

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Remove eval from harness.xul

Categories

(Core :: DOM: Security, enhancement, P3)

Tracking

()

People

(Reporter: vinoth, Assigned: vinoth)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-backlog1])

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Updated

Updated

Comment 1

Updated

Comment 2

Comment 3

Updated

Comment 4

Comment 5

Attachment

General

Description

File Name

Content Type