Closed Bug 193255 (clu) Opened 22 years ago Closed 1 year ago

[meta] CheckLoadURI Improvements metabug

Categories

(Core :: Security, defect)

Product:
Core
Component:
Security
Type:
defect

Tracking

()

Status:
RESOLVED INACTIVE

People

(Reporter: security-bugs, Unassigned)

References

(Depends on 1 open bug)

Details

(Keywords: meta)

I've delayed too long on this - we need to clean up CheckLoadURI. For starters, protocol handlers should be able to advertise their security requirements, rather than hardcoding them in ScriptSecurityManager. Secondly, I want to try to relax the local file loading restriction if we can do it without opening any holes. This will be a metabug for tracking CheckLoadURI related issues.
Alias: clu
Status: NEW → ASSIGNED
OS: Windows 2000 → All
Hardware: PC → All
Target Milestone: --- → mozilla1.4beta
Depends on: file://
Depends on: 59767
bug 165799 needs to be fixed before you relax file: URL restrictions.
bug 109982 needs to be resolved, possibly by adding blocking javascript cookies from file (as ftp is currently blocked).
Clearing milestone
Target Milestone: mozilla1.4beta → ---
bug 29079 should be fixed: dos device drivers in windows 98.
Depends on: 29079
Depends on: 219029
Depends on: 220711
Depends on: 233108
I would suggest to add bug 310056 and bug 93787 to the depends list.
Keywords: meta
Depends on: 327244
Assignee: security-bugs → dveditz
Status: ASSIGNED → NEW
QA Contact: bsharma → toolkit
Assignee: dveditz → nobody
Summary: CheckLoadURI Improvements metabug → [meta] CheckLoadURI Improvements metabug
Severity: normal → S3

closing as we haven't been using it for a while

Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → INACTIVE
You need to log in before you can comment on or make changes to this bug.