Closed
Bug 608872
Opened 14 years ago
Closed 11 years ago
Brain transplant history objects
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
RESOLVED
WORKSFORME
Tracking | Status | |
---|---|---|
blocking2.0 | --- | - |
People
(Reporter: mrbkap, Assigned: mrbkap)
References
Details
(Keywords: sec-want, Whiteboard: [sg:want] preventative[compartments])
History objects are like the outer window in terms of security. We need to brain transplant them to be safe. This relies on brain transplanting wrapped natives, though.
Updated•14 years ago
blocking2.0: ? → beta8+
Updated•14 years ago
blocking2.0: beta8+ → ?
Updated•14 years ago
blocking2.0: ? → beta8+
Updated•14 years ago
Whiteboard: [sg:want] preventative
Updated•14 years ago
Whiteboard: [sg:want] preventative → [sg:want] preventative[compartments]
Updated•14 years ago
Assignee: nobody → mrbkap
Comment 2•14 years ago
Per discussion with mrbkap and gal we don't need to finalize this for beta8, pushing to beta9.
blocking2.0: beta8+ → beta9+
As per today's meeting, beta 9 will be a time-based release. Marking these all betaN+. Please move it back to beta9+ if you believe it MUST be in the next beta (ie: trunk is in an unshippable state without this)
blocking2.0: beta9+ → betaN+
Updated•14 years ago
Whiteboard: [sg:want] preventative[compartments] → [sg:want] preventative[compartments], hardblocker
Updated•14 years ago
Whiteboard: [sg:want] preventative[compartments], hardblocker → [sg:want] preventative[compartments][hardblocker]
Comment 4•13 years ago
Given that we're fixing bug 619359, and the way we're fixing it, we don't need this fixed for 2.0. We still want to do this, but no immediate rush. Moving to blocking .x.
blocking2.0: betaN+ → .x
Whiteboard: [sg:want] preventative[compartments][hardblocker] → [sg:want] preventative[compartments]
Updated•13 years ago
blocking2.0: .x+ → -
Comment 5•11 years ago
We don't need to do this -- on old branches, we already have the proper security checks and we deny access entirely to the history object on trunk.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → WORKSFORME
Comment 6•11 years ago
On trunk, we deny *cross origin* access to the history object.
Updated•9 years ago
Group: core-security → core-security-release
Updated•7 years ago
Group: core-security-release
Updated•5 years ago
Component: DOM → DOM: Core & HTML