Bug 24378

All DOM security checks inadvertently disabled

VERIFIED FIXED in M13

Get help with this page

Status

()

Product:

Component:

Importance:

normal

Status:

VERIFIED FIXED

Reported:

19 years ago

Modified:

19 years ago

People

(Reporter: norrisboyd, Assigned: norrisboyd)

Tracking

Version:

Trunk

Target:

M13

Platform:

All

Windows NT

Points:

---

Firefox Tracking Flags

(Not tracked)

Details

(URL)

Norris Boyd

(Assignee)

Description

•

19 years ago

Currently all DOM security checks have been disabled. This means form value
fields, etc, can be accessed by scripts from any domain.

Norris Boyd

(Assignee)

Updated

•

19 years ago

Status: NEW → ASSIGNED

Target Milestone: M13

Norris Boyd

(Assignee)

Comment 1

•

19 years ago

I have a one-character fix. Would like to get this in M13.

Norris Boyd

(Assignee)

Updated

•

19 years ago

Status: ASSIGNED → RESOLVED

Last Resolved: 19 years ago

Resolution: --- → FIXED

Norris Boyd

(Assignee)

Comment 2

•

19 years ago

Checking in nsScriptSecurityManager.cpp;
/m/pub/mozilla/caps/src/nsScriptSecurityManager.cpp,v  <--  nsScriptSecurityMana
ger.cpp
new revision: 1.40; previous revision: 1.39
done

John Unruh

Comment 3

•

19 years ago

Verified fixed.

Status: RESOLVED → VERIFIED

leger

Comment 4

•

19 years ago

Bulk moving all Browser Security bugs to new Security: General component.  The 
previous Security component for Browser will be deleted.

Component: Security → Security: General

You need to log in before you can comment on or make changes to this bug.

Bugzilla

All DOM security checks inadvertently disabled

Status

()

People

(Reporter: norrisboyd, Assigned: norrisboyd)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(URL)

Security

(public)

User Story

Description

Updated

Comment 1

Updated

Comment 2

Comment 3

Comment 4