SVG security review: <svg:script> element

RESOLVED WONTFIX

Status

()

Core
SVG
RESOLVED WONTFIX
13 years ago
7 years ago

People

(Reporter: Jesse Ruderman, Unassigned)

Tracking

Trunk
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

13 years ago
T Rowley mentioned that this is part of the SVG attack surface and could do with
a security review:

  * <script> element - nsSVGScriptElement.cpp

http://lxr.mozilla.org/mozilla/source/content/svg/content/src/nsSVGScriptElement.cpp
(Reporter)

Updated

13 years ago
Blocks: 306101
So who would do this review? Is it something we should do at this point?
Assignee: general → nobody
QA Contact: ian → general
Feel free to reopen if this is going to actually happen.
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.