All DOM security checks inadvertently disabled

VERIFIED FIXED in M13

Status

()

P3
normal
VERIFIED FIXED
19 years ago
19 years ago

People

(Reporter: norrisboyd, Assigned: norrisboyd)

Tracking

Trunk
All
Windows NT
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(URL)

(Assignee)

Description

19 years ago
Currently all DOM security checks have been disabled. This means form value
fields, etc, can be accessed by scripts from any domain.
(Assignee)

Updated

19 years ago
Status: NEW → ASSIGNED
Target Milestone: M13
(Assignee)

Comment 1

19 years ago
I have a one-character fix. Would like to get this in M13.
(Assignee)

Updated

19 years ago
Status: ASSIGNED → RESOLVED
Last Resolved: 19 years ago
Resolution: --- → FIXED
(Assignee)

Comment 2

19 years ago
Checking in nsScriptSecurityManager.cpp;
/m/pub/mozilla/caps/src/nsScriptSecurityManager.cpp,v  <--  nsScriptSecurityMana
ger.cpp
new revision: 1.40; previous revision: 1.39
done

Comment 3

19 years ago
Verified fixed.
Status: RESOLVED → VERIFIED

Comment 4

19 years ago
Bulk moving all Browser Security bugs to new Security: General component.  The 
previous Security component for Browser will be deleted.
Component: Security → Security: General
You need to log in before you can comment on or make changes to this bug.