Closed
Bug 741958
Opened 13 years ago
Closed 12 years ago
[Security Review][Action Item]IM in Thunderbird - witter oauth / apiapi use
Categories
(mozilla.org :: Security Assurance, task)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: curtisk, Assigned: pauljt)
References
()
Details
(Whiteboard: [start 04/18/2012][target 06/30/2012])
No description provided.
Assignee | ||
Updated•12 years ago
|
Whiteboard: [start 04/18/2012][target 04/25/2012]
Reporter | ||
Comment 1•12 years ago
|
||
:pauljt - where are we on this review, we had a target set back in Apr?
Assignee | ||
Comment 2•12 years ago
|
||
I was waiting on a response from the developer, which I received the end of april. Since Adam took over the thunderbird stuff I send him an email to see if he could take over this review, but not sure if he got that, and I forgot to chase it up.
I either do it, or hand over to adam by the end of the month.
Whiteboard: [start 04/18/2012][target 04/25/2012] → [start 04/18/2012][target 06/30/2012]
Assignee | ||
Comment 3•12 years ago
|
||
Note that this feature is planned to be preffed on in thunderbird 15. (which is aurora now, and beta July 17)
Other relevant parts of the email:
Twitter is part of the IM-in-Thunderbird feature.
The relevant OAuth code is in this file
http://mxr.mozilla.org/comm-central/source/chat/protocols/twitter/twitter.js
starting around the line 370.
If you have done the security review of the BigFiles/FileLink feature,
you may already have reviewed some very similar OAuth code, as it's
actually a fork of the Twitter OAuth code.
Assignee | ||
Comment 4•12 years ago
|
||
Reviewed the linked code and I don't see any issues.
Assignee | ||
Updated•12 years ago
|
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•