Bug 309228: Default prefs for blocking DOMParser in mailnews have a typo
Status: VERIFIED FIXED (Closed)
Opened 19 years ago, closed 19 years ago
Categories: MailNews Core :: Security, defect
Tracking: Not tracked
People: Reporter: jruderman, Assigned: mscott
Details: Keywords: fixed1.8, verified1.7.13, Whiteboard: [sg:fix]
Attachments (1 file): patch, 1.06 KB. Flags: jruderman: review+; dveditz: approval-aviary1.0.8+; dveditz: approval1.7.13+; asa: approval1.8b5+
http://lxr.mozilla.org/mozilla/source/modules/libpref/src/init/all.js

    // Restrictions on the DOM for mail/news - see bugs 66938 and [bug 84545]
    pref("capability.policy.mailnews.sites", "mailbox: imap: news:");
    ...
    pref("capability.policy.mailnews.DOMParser,parseFromString", "noAccess");
    pref("capability.policy.mailnews.DOMParser,parseFromStream", "noAccess");

Those commas should be periods! I don't know how bad a security hole this is.
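A comma typed where the pref name needs a period is the kind of slip a small lint over the prefs file can catch. The following is an added example, not part of the bug report or Mozilla's code: the key shapes it accepts are an assumption, the sample input is constructed from the lines quoted in the report, and the second function goes one step further by comparing two copies of the file for drift.

```javascript
// Added example, not Mozilla code. Assumed key shapes for this check:
//   capability.policy.<policy>.sites
//   capability.policy.<policy>.<Class>.<member>[.get|.set]
const PREFIX = "capability.policy.";
const PREF_RE = /pref\(\s*"([^"]+)"\s*,\s*("(?:[^"\\]|\\.)*"|[^)]+?)\s*\)\s*;/g;
const SEGMENT_RE = /^[A-Za-z_$][\w$]*$/;

// Collect every capability.policy pref in a prefs file as name -> raw value.
function parsePolicyPrefs(source) {
  const prefs = new Map();
  for (const m of source.matchAll(PREF_RE)) {
    if (m[1].startsWith(PREFIX)) prefs.set(m[1], m[2]);
  }
  return prefs;
}

// Flag names that do not fit the assumed shapes, e.g. a comma typed for a period.
function lintPolicyPrefs(source) {
  const findings = [];
  for (const name of parsePolicyPrefs(source).keys()) {
    const segments = name.slice(PREFIX.length).split(".");
    const bad = segments.filter((s) => !SEGMENT_RE.test(s));
    if (bad.length > 0) {
      const suggestion = name.includes(",") ? name.replace(/,/g, ".") : null;
      findings.push({ name, problem: "invalid segment: " + bad.join(" "), suggestion });
    } else if (segments.length === 2 && segments[1] !== "sites") {
      findings.push({ name, problem: "rule has no <Class>.<member> part", suggestion: null });
    }
  }
  return findings;
}

// List policy prefs whose presence or value differs between two copies of the file.
function diffPolicyPrefs(primary, copy) {
  const a = parsePolicyPrefs(primary);
  const b = parsePolicyPrefs(copy);
  const names = new Set([...a.keys(), ...b.keys()]);
  return [...names].filter((n) => a.get(n) !== b.get(n)).sort();
}

// Constructed sample: the pref lines quoted in the report, and a corrected copy.
const REPORTED = `
pref("capability.policy.mailnews.sites", "mailbox: imap: news:");
pref("capability.policy.mailnews.DOMParser,parseFromString", "noAccess");
pref("capability.policy.mailnews.DOMParser,parseFromStream", "noAccess");
`;
const CORRECTED = REPORTED.replace(/DOMParser,/g, "DOMParser.");
console.log(lintPolicyPrefs(REPORTED), diffPolicyPrefs(REPORTED, CORRECTED));
```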
Updated • 19 years ago (Reporter)
Flags: blocking1.8b5?
Flags: blocking-aviary1.0.8?
Comment 1 • 19 years ago (Reporter)
Those prefs were added in bug 152701. This might not be a security hole, because I can't think of how you could use DOMParser for a wiretap-style exploit.
Comment 2 • 19 years ago (Assignee)
I can change the commas to a period pretty easily :)
Assignee: nobody → mscott
Flags: blocking1.8b5? → blocking1.8b5+
Updated • 19 years ago
Flags: blocking1.7.13?
Whiteboard: [sg:fix]
Comment 3 • 19 years ago (Assignee)
Attachment #197121 - Flags: review?(jruderman)
Updated • 19 years ago (Reporter)
Attachment #197121 - Flags: review?(jruderman) → review+
Updated • 19 years ago (Assignee)
Attachment #197121 - Flags: superreview?
Attachment #197121 - Flags: approval1.8b5?
Updated • 19 years ago (Assignee)
Attachment #197121 - Flags: superreview?
Attachment #197121 - Flags: approval1.8b5?
Updated • 19 years ago (Assignee)
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Comment 4 • 19 years ago (Assignee)
Comment on attachment 197121 (the fix)
Wow, bugzilla got messed up here quite badly.
Attachment #197121 - Flags: superreview?
Attachment #197121 - Flags: approval1.8b5?
Comment 5 • 19 years ago (Reporter)
Minimo contains a copy of the mailnews capability prefs. I think that copy should either stay in sync, or be removed if it's not used.
Comment 6 • 19 years ago
I will fix up the all.js for minimo.
Comment 7 • 19 years ago
Verified with Mac Thunderbird trunk build 2005-09-23-07-trunk
Status: RESOLVED → VERIFIED
Updated • 19 years ago
Attachment #197121 - Flags: approval1.8b5? → approval1.8b5+
Updated • 19 years ago
Flags: blocking1.7.13?
Flags: blocking1.7.13+
Flags: blocking-aviary1.0.8?
Flags: blocking-aviary1.0.8+
Comment 8 • 19 years ago
Comment on attachment 197121 (the fix)
aviary101/moz17 landing approval: a=dveditz for drivers. Please add the fixed1.7.13 and fixed-aviary1.0.8 keywords when landed.
Attachment #197121 - Flags: approval1.7.13+
Attachment #197121 - Flags: approval-aviary1.0.8+
Comment 9 • 19 years ago
dveditz to check in for 1.0.8/1.7.13
Updated • 19 years ago (Assignee)
Keywords: fixed-aviary1.0.8
Comment 11 • 19 years ago
v.fixed on 1.0.1 Aviary branch by code inspection with LXR: http://lxr.mozilla.org/aviary101branch/source/modules/libpref/src/init/all.js
Keywords: fixed-aviary1.0.8 → verified-aviary1.0.8
Updated • 18 years ago
Flags: testcase-
Comment 12 • 18 years ago
Verified on the 1.7 branch using inspection: http://lxr.mozilla.org/mozilla1.7/source/modules/libpref/src/init/all.js
Using Mozilla 1.7.13 Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.13) Gecko/20060306. Adding keyword.
Keywords: fixed1.7.13 → verified1.7.13
Comment 13 • 18 years ago
Jay verified this fix (Comment 11) on the 1.0.1 aviary branch, so we should be okay for Thunderbird 1.0.8.
Updated • 18 years ago
Group: security
Updated • 16 years ago
Product: Core → MailNews Core