Closed Bug 306094 Opened 19 years ago Closed 13 years ago

SVG security review: <svg:script> element

Tracking

()

Status:

RESOLVED WONTFIX

People

(Reporter: jruderman, Unassigned)

References

Details

Jesse Ruderman

Reporter

Description

•

19 years ago

T Rowley mentioned that this is part of the SVG attack surface and could do with
a security review:

  * <script> element - nsSVGScriptElement.cpp

http://lxr.mozilla.org/mozilla/source/content/svg/content/src/nsSVGScriptElement.cpp

Jesse Ruderman

Reporter

Updated

•

19 years ago

Blocks: 306101

Jonathan Watt [:jwatt]

Comment 1

•

16 years ago

So who would do this review? Is it something we should do at this point?

Phil Ringnalda (:philor)

Updated

•

15 years ago

Assignee: general → nobody

QA Contact: ian → general

Jonathan Watt [:jwatt]

Comment 2

•

13 years ago

Feel free to reopen if this is going to actually happen.

Status: NEW → RESOLVED

Closed: 13 years ago

Resolution: --- → WONTFIX

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

SVG security review: <svg:script> element

Categories

(Core :: SVG, defect)

Tracking

()

People

(Reporter: jruderman, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated

Comment 1

Updated

Comment 2