Open
Bug 418992
Opened 18 years ago
Updated 3 years ago
Add API to XMLHttpRequest to limit requests to using built-in certs
Categories
(Core :: XML, enhancement)
Core
XML
Tracking
()
NEW
People
(Reporter: mozbugs, Unassigned)
Details
When talking to sicking about the implementation for bug #383430, he suggested that perhaps as a tangential feature, generalizing the fix for bug #340198 via an XHR attribute (e.g., enforceBuiltinCerts) would be a nice way for other privileged users of XHR to get some extra network security if they wanted to. I'm sure there are extensions out there which do live code updates and would fall prey to the same problem.
Plus I think #including stuff in components is ugly. Though badCertListener.js could be replaced by a JSM.
|
||
Comment 1•3 years ago
|
||
The bug assignee didn't login in Bugzilla in the last 7 months, so the assignee is being reset.
Assignee: mozbugs → nobody
|
||
Updated•3 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•