Open
Bug 193255
(clu)
Opened 21 years ago
Updated 2 years ago
[meta] CheckLoadURI Improvements metabug
Categories
(Core :: Security, defect)
Core
Security
Tracking
()
NEW
People
(Reporter: security-bugs, Unassigned)
References
(Depends on 1 open bug)
Details
(Keywords: meta)
I've delayed too long on this - we need to clean up CheckLoadURI. For starters, protocol handlers should be able to advertise their security requirements, rather than hardcoding them in ScriptSecurityManager. Secondly, I want to try to relax the local file loading restriction if we can do it without opening any holes. This will be a metabug for tracking CheckLoadURI related issues.
Reporter | ||
Updated•21 years ago
|
Alias: clu
Status: NEW → ASSIGNED
OS: Windows 2000 → All
Hardware: PC → All
Target Milestone: --- → mozilla1.4beta
bug 165799 needs to be fixed before you relax file: URL restrictions.
bug 109982 needs to be resolved, possibly by adding blocking javascript cookies from file (as ftp is currently blocked).
I would suggest to add bug 310056 and bug 93787 to the depends list.
Keywords: meta
Updated•18 years ago
|
Assignee: security-bugs → dveditz
Status: ASSIGNED → NEW
QA Contact: bsharma → toolkit
Updated•2 years ago
|
Assignee: dveditz → nobody
Updated•2 years ago
|
Summary: CheckLoadURI Improvements metabug → [meta] CheckLoadURI Improvements metabug
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•