Closed Bug 24378 Opened 25 years ago Closed 25 years ago

All DOM security checks inadvertently disabled

Tracking

()

Status:

VERIFIED FIXED

Milestone:

M13

People

(Reporter: norrisboyd, Assigned: norrisboyd)

References

(
URL
)

Details

Norris Boyd

Assignee

Description

•

25 years ago

Currently all DOM security checks have been disabled. This means form value fields, etc, can be accessed by scripts from any domain.

Norris Boyd

Assignee

Updated

•

25 years ago

Status: NEW → ASSIGNED

Target Milestone: M13

Norris Boyd

Assignee

Comment 1

•

25 years ago

I have a one-character fix. Would like to get this in M13.

Norris Boyd

Assignee

Updated

•

25 years ago

Status: ASSIGNED → RESOLVED

Closed: 25 years ago

Resolution: --- → FIXED

Norris Boyd

Assignee

Comment 2

•

25 years ago

Checking in nsScriptSecurityManager.cpp; /m/pub/mozilla/caps/src/nsScriptSecurityManager.cpp,v <-- nsScriptSecurityMana ger.cpp new revision: 1.40; previous revision: 1.39 done

John Unruh

Comment 3

•

25 years ago

Verified fixed.

Status: RESOLVED → VERIFIED

leger

Comment 4

•

25 years ago

Bulk moving all Browser Security bugs to new Security: General component. The previous Security component for Browser will be deleted.

Component: Security → Security: General

You need to log in before you can comment on or make changes to this bug.

Bugzilla

All DOM security checks inadvertently disabled

Categories

(Core :: Security, defect, P3)

Tracking

()

People

(Reporter: norrisboyd, Assigned: norrisboyd)

References

(
URL
)

Details

Crash Data

Security

(public)

User Story

Description

Updated

Comment 1

Updated

Comment 2

Comment 3

Comment 4