Closed Bug 536480 Opened 11 years ago Closed 9 years ago
Innerize windows when passing to C++ from JS
In order to mitigate bug 531364 type attacks, we should innerize windows when passing them to C++. If it turns out that the operation should happen on the outer window, then there will be a FORWARD_TO_OUTER in the relevant function. Filing as security sensitive for now, but we might be able to open this up.
This is peterv's wip from bug 531364 merged to trunk.
Summary: Innerize windows when passing from C++ → Innerize windows when passing to C++ from JS
Is there still something that needs to be done here? Perhaps this would benefit from being made public?
Actually, this was fixed as part of brain transplants.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.