In order to mitigate bug 531364 type attacks, we should innerize windows when passing them to C++. If it turns out that the operation should happen on the outer window, then there will be a FORWARD_TO_OUTER in the relevant function. Filing as security sensitive for now, but we might be able to open this up.
Created attachment 418935 [details] [diff] [review] wip This is peterv's wip from bug 531364 merged to trunk.
Is there still something that needs to be done here? Perhaps this would benefit from being made public?
Actually, this was fixed as part of brain transplants.