Currently all DOM security checks have been disabled. This means form value fields, etc, can be accessed by scripts from any domain.
I have a one-character fix. Would like to get this in M13.
Status: ASSIGNED → RESOLVED
Last Resolved: 19 years ago
Resolution: --- → FIXED
Checking in nsScriptSecurityManager.cpp; /m/pub/mozilla/caps/src/nsScriptSecurityManager.cpp,v <-- nsScriptSecurityMana ger.cpp new revision: 1.40; previous revision: 1.39 done
Status: RESOLVED → VERIFIED
Bulk moving all Browser Security bugs to new Security: General component. The previous Security component for Browser will be deleted.
Component: Security → Security: General
You need to log in before you can comment on or make changes to this bug.