XSLT Security Review Action Items

Status: RESOLVED WORKSFORME

Product / Component: Core / XSLT
Reported 15 years ago, last updated 6 years ago

People: Reporter: Heikki Toivonen (remove -bugzilla when emailing directly); Assigned: peterv

Tracking: Blocks: 1 bug; Trunk; Points: ---

Firefox Tracking Flags: (Not tracked)

Whiteboard: [sg:audit]

Does XSLT work in the sidebar? Any security issues?

Do we have security checks on ALL entry points into XSLT, including all functions that take DOM objects and the stylesheet PI?

Can the evaluate method be called on any document, or does the same-origin check apply?

There is no pref to disable XSLT on trunk.

We need extensible security policies in CAPS: which sites can connect to what, etc.

Need to test XSLT for buffer overruns.
Whiteboard: [sg:investigation]
We have had some recent security issues reported in XSLT. We should still do this audit, but the specific items mentioned here are pretty generic and will already be known to potential attackers.
Group: core-security
Whiteboard: [sg:investigation] → [sg:audit]
Yeah, I think this bug doesn't contain any useful action items any more.
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → WORKSFORME