Closed
Bug 24378
Opened 25 years ago
Closed 25 years ago
All DOM security checks inadvertently disabled
Categories
(Core :: Security, defect, P3)
Tracking
()
VERIFIED
FIXED
M13
People
(Reporter: norrisboyd, Assigned: norrisboyd)
References
()
Details
Currently all DOM security checks have been disabled. This means form value
fields, etc, can be accessed by scripts from any domain.
Assignee | ||
Updated•25 years ago
|
Status: NEW → ASSIGNED
Target Milestone: M13
Assignee | ||
Comment 1•25 years ago
|
||
I have a one-character fix. Would like to get this in M13.
Assignee | ||
Updated•25 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 25 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 2•25 years ago
|
||
Checking in nsScriptSecurityManager.cpp;
/m/pub/mozilla/caps/src/nsScriptSecurityManager.cpp,v <-- nsScriptSecurityMana
ger.cpp
new revision: 1.40; previous revision: 1.39
done
Bulk moving all Browser Security bugs to new Security: General component. The
previous Security component for Browser will be deleted.
Component: Security → Security: General
You need to log in
before you can comment on or make changes to this bug.
Description
•