All users were logged out of Bugzilla on October 13th, 2018
Created attachment 626787 [details] Pull request 451 Bug 553102 is aiming to set a new default security pattern for wrappers of chrome objects exposed to content. So that for any such object, none of its attributes will be accessible to content. In order to give access to any attribute, you will now have to explicitely define this priviledge through __exposedProps__ attribute.
Attachment #626787 - Flags: review?(rFobic)
We may want to push this fix in 1.8 release, based on decisions made in bug 553102.
I'd be fine with aggressively taking this in 1.8 regardless of whether it looks likely that platform will flip the switch.
Attachment #626787 - Flags: review?(rFobic) → review+
Commits pushed to master at https://github.com/mozilla/addon-sdk https://github.com/mozilla/addon-sdk/commit/1472d2ba3b3715004f1f3c489a108a61db548c3e Bug 758203: Fix upcoming breakage from bug 553102 flipping __exposedProps__ default behavior. https://github.com/mozilla/addon-sdk/commit/2dbc97ffa2a14325c03b76f3a293c5917d36e74e Merge pull request #451 from ochameau/fix-exposedProps Bug 758203: Fix upcoming breakage from bug 553102 flipping __exposedProps__ default behavior r=@gozala
kwierso: could you include this for 1.8?
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
Commit pushed to stabilization at https://github.com/mozilla/addon-sdk https://github.com/mozilla/addon-sdk/commit/2ab2e352150d855d6cb34fff5a70469c13bb2b15 Bug 758203: Fix upcoming breakage from bug 553102 flipping __exposedProps__ default behavior. (cherry picked from commit 1472d2ba3b3715004f1f3c489a108a61db548c3e)
You need to log in before you can comment on or make changes to this bug.