Closed
Bug 652575
Opened 14 years ago
Closed 14 years ago
Validator should flag presence of "capability.policy"
Categories
(addons.mozilla.org Graveyard :: Developer Pages, defect, P3)
addons.mozilla.org Graveyard
Developer Pages
Tracking
(Not tracked)
VERIFIED
FIXED
6.1.0
People
(Reporter: jorgev, Assigned: basta)
Details
(Whiteboard: [ReviewTeam])
Attachments
(1 file)
|
84.01 KB,
image/png
|
Details |
post-fix screenshot
Changing the policy set of preferences can lead to very insecure code. Only a few add-ons use it legitimately, so it's better to show a flag for their use. Since there are several preferences on this root, it's best to do a regexp check on all files.
So, we need to check for the string "capability.policy", and show a warning saying something like "This add-on uses a preference that is potentially unsafe."
|
Assignee | |
Comment 1•14 years ago
|
||
|
|
Assignee | |
Comment 2•14 years ago
|
||
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
|
||
Comment 3•14 years ago
|
||
verified at https://addons-next.allizom.org/en-us/developers/upload/756e03c2304c4b12a9578af099e2f741
Status: RESOLVED → VERIFIED
|
|
||
Comment 4•14 years ago
|
||
|
Reporter | |
Comment 5•13 years ago
|
||
Reclassifying editor bugs and changing to a new whiteboard flag. Spam, spam, spam, spam...
Whiteboard: [required amo-editors] → [ReviewTeam]
|
||
Updated•9 years ago
|
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•