Closed Bug 1551441 Opened 6 years ago Closed 6 years ago

[wpt-sync] Sync PR 16775 - [sms] Restrict SMS Receiver API to Top Level Frames

Categories

(Testing :: web-platform-tests, defect, P4)

Product:
Testing
Component:
web-platform-tests
Type:
defect

Tracking

(firefox69 fixed)

Status:
RESOLVED FIXED
Milestone:
mozilla69
Tracking Flags:
Tracking Status
firefox69 --- fixed

People

(Reporter: wpt-sync, Unassigned)

References

(
URL
)

Details

(Whiteboard: [wptsync downstream])

Sync web-platform-tests PR 16775 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/web-platform-tests/wpt/pull/16775
Details from upstream follow.

Ayu Ishii <ayui@chromium.org> wrote:

[sms] Restrict SMS Receiver API to Top Level Frames

This change restrictes the SMS Receiver API to only be used from top level
frames to prevent malicious sites from accessing the one time passcodes
for signup. Restriction in the browser process will be added in a
following CL.

Bug: 955765
Change-Id: Ie11e3b1fc6c9bf4597bde880d5083fec7255b79a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1594211
Reviewed-by: Reilly Grant \<reillyg@chromium.org>
Commit-Queue: Ayu Ishii \<ayui@chromium.org>
Cr-Commit-Position: refs/heads/master@{#658694}

PR 16775 applied with additional changes from upstream: f2042608e4921a143639225b94e4706aad1ffa19
Failed to get results from try push
Pushed by james@hoppipolla.co.uk: https://hg.mozilla.org/integration/mozilla-inbound/rev/4b2240ba0dc8 [wpt PR 16775] - [sms] Restrict SMS Receiver API to Top Level Frames, a=testonly

https://hg.mozilla.org/mozilla-central/rev/4b2240ba0dc8

Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox69: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla69
You need to log in before you can comment on or make changes to this bug.