Open Bug 193255 (clu) Opened 22 years ago Updated 2 years ago

[meta] CheckLoadURI Improvements metabug

Categories

(Core :: Security, defect)

Product:
Core
Component:
Security
Type:
defect

Tracking

()

People

(Reporter: security-bugs, Unassigned)

References

(Depends on 1 open bug)

Details

(Keywords: meta) 

I've delayed too long on this - we need to clean up CheckLoadURI. For starters,
protocol handlers should be able to advertise their security requirements,
rather than hardcoding them in ScriptSecurityManager. Secondly, I want to try to
relax the local file loading restriction if we can do it without opening any
holes. This will be a metabug for tracking CheckLoadURI related issues.
Alias: clu
Status: NEW → ASSIGNED
OS: Windows 2000 → All
Hardware: PC → All
Target Milestone: --- → mozilla1.4beta
Depends on: file://
Depends on: 59767
bug 165799 needs to be fixed before you relax file: URL restrictions.
bug 109982 needs to be resolved, possibly by adding blocking javascript cookies
from file (as ftp is currently blocked).
Clearing milestone
Target Milestone: mozilla1.4beta → ---
bug 29079 should be fixed: dos device drivers in windows 98.
Depends on: 29079
Depends on: 219029
Depends on: 220711
Depends on: 233108
I would suggest to add bug 310056 and bug 93787 to the depends list.
Keywords: meta
Depends on: 327244
Assignee: security-bugs → dveditz
Status: ASSIGNED → NEW
QA Contact: bsharma → toolkit
Assignee: dveditz → nobody
Summary: CheckLoadURI Improvements metabug → [meta] CheckLoadURI Improvements metabug
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.