Closed
Bug 771384
Opened 12 years ago
Closed 12 years ago
Kuma: KumaScript - Limit number of calls to alert() allowed per template instance
Categories
(developer.mozilla.org Graveyard :: Wiki pages, defect)
developer.mozilla.org Graveyard
Wiki pages
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: sheppy, Unassigned)
Details
To prevent possible accidental denial of service incidents, we should limit how many times an alert can be presented within one instance of a template. Perhaps 3-5 to allow them to be used for debugging purposes?
Comment 1•12 years ago
|
||
Do you mean JavaScript alert()? Do you have an example? Don't quite understand the issue
Reporter | ||
Comment 2•12 years ago
|
||
There's no example here. I was thinking that sometimes a JS alert() call might be handy when debugging templates, but then it occurred to me that they could be used to cause some havoc, and that perhaps a limit should be enforced. This may or may not be a big deal (or even an issue at all).
Comment 3•12 years ago
|
||
Doesn't a user need special permissions to edit templates? If that's the case, I would say it's safe to leave things as-is for now. If people abuse alert(), we could look at a blacklist or something similar.
Comment 4•12 years ago
|
||
But the thing is... I don't think there's a way to call alert from a kumascript template - you can't insert <script> into a page, anyway.
Reporter | ||
Comment 5•12 years ago
|
||
Yep, you're right.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → INVALID
Assignee | ||
Updated•12 years ago
|
Version: Kuma → unspecified
Assignee | ||
Updated•12 years ago
|
Component: Website → Landing pages
Updated•4 years ago
|
Product: developer.mozilla.org → developer.mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•