User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:184.108.40.206) Gecko/20070507 (Gentoo) Build Identifier: I think in almost all cases privileged code will want to ignore untrusted events. Not making it the default just leads to mistakes that are possible exploits. Reproducible: Always
Bug 289940 comment 0 indicates that the plan was for "ignore untrusted events" to be the default for chrome. Is that not what happened?
Chrome ignores untrusted events by default. I think this about other privileged code?
The check is IsCallerChrome(), as I recall. It's really not clear from comment 0 what this bug is about, exactly...
Oh, it looks like I'm mistaken then. I had thought the default was the other way around. Sorry for the noise.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.