Closed
Bug 1501803
Opened 7 years ago
Closed 4 years ago
[1364] #9: Implement test to prevent regression of JS alerts vulnerability
Categories
(Firefox for FireTV Graveyard :: Security: General, defect)
Firefox for FireTV Graveyard
Security: General
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: mcomella, Unassigned)
References
Details
(Keywords: sec-other)
Bug 1486879 must be implemented first: we should write a regression test to ensure this doesn't regress. This may depend on the implementation (e.g. if we don't handle JS alerts at all, we check they don't show up; if we disable them after repeated sends, we should test for that).
|
||
Updated•6 years ago
|
Group: firefox-core-security → mobile-core-security
|
Reporter | |
Comment 1•6 years ago
|
||
To be more explicit about the work to be done here: iirc, we no longer show dialogs for JS alerts (the default behavior) to prevent them from being spammed infinitely. We should write a test that verifies that a page that injects, "alert(...); confirm(...); prompt(...);" js will not show dialogs.
iirc, this test already exists for FFES: https://searchfox.org/mozilla-mobile/rev/9862df1b488acaeb27e83b7d062064252ba62473/firefox-echo-show/app/src/androidTest/java/org/mozilla/focus/integration/IWebViewDoesNotDisplayJsDialogsTest.kt
We should consider writing this test to be abstract to any application and sharing it via android-components.
|
||
Comment 2•4 years ago
|
||
Product is not getting updates. https://support.mozilla.org/en-US/kb/end-support-firefox-amazon-devices
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → INCOMPLETE
|
|
||
Updated•2 months ago
|
Group: mobile-core-security
You need to log in
before you can comment on or make changes to this bug.
Description
•