Closed
Bug 536480
Opened 15 years ago
Closed 13 years ago
Innerize windows when passing to C++ from JS
Categories
(Core :: XPConnect, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: mrbkap, Unassigned)
References
Details
(Whiteboard: [sg:nse mitigation?])
Attachments
(1 file)
6.98 KB,
patch
|
Details | Diff | Splinter Review |
In order to mitigate bug 531364 type attacks, we should innerize windows when passing them to C++. If it turns out that the operation should happen on the outer window, then there will be a FORWARD_TO_OUTER in the relevant function.
Filing as security sensitive for now, but we might be able to open this up.
Reporter | ||
Comment 1•15 years ago
|
||
This is peterv's wip from bug 531364 merged to trunk.
Updated•15 years ago
|
Whiteboard: [sg:nse mitigation?]
Reporter | ||
Updated•15 years ago
|
Summary: Innerize windows when passing from C++ → Innerize windows when passing to C++ from JS
Is there still something that needs to be done here? Perhaps this would benefit from being made public?
Reporter | ||
Comment 4•13 years ago
|
||
Actually, this was fixed as part of brain transplants.
Group: core-security
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•