Closed
Bug 824172
Opened 12 years ago
Closed 12 years ago
Re-enable security.fileuri.strict_origin_policy
Categories
(Firefox OS Graveyard :: General, defect)
Tracking
(blocking-basecamp:+, firefox19 fixed, firefox20 fixed, b2g18 fixed)
People
(Reporter: cjones, Assigned: cjones)
Details
Attachments
(1 file)
1.48 KB,
patch
|
sicking
:
review+
|
Details | Diff | Splinter Review |
http://mxr.mozilla.org/mozilla-central/source/b2g/app/b2g.js#361 This opens new potential holes in the gecko VM, but doesn't affect the OS security model.
Comment 1•12 years ago
|
||
Chris, the comment in b2g.js that you reference states "Remove me when we have installable apps or wifi support." Are we ready to revert this pref now?
Flags: needinfo?(jones.chris.g)
Assignee | ||
Comment 2•12 years ago
|
||
We flipped that pref over a year ago when gaia dev was done primarily over file://. That hasn't been possible for a long time, and we do have wifi and installable apps now.
Flags: needinfo?(jones.chris.g)
Updated•12 years ago
|
Assignee: nobody → jonas
blocking-basecamp: ? → +
Assignee | ||
Comment 3•12 years ago
|
||
Assignee: jonas → jones.chris.g
Attachment #695844 -
Flags: review?(jonas)
Comment on attachment 695844 [details] [diff] [review] Re-enable strict file:// security, because yes we have wifi and installed apps now Review of attachment 695844 [details] [diff] [review]: ----------------------------------------------------------------- This is the right thing to do, but I don't think it'll actually affect B2G in any way. It only affects pages which have a file:// URL and I don't think that we have any of those. Hmm.. That does bring up a good question, I wonder what security checks we do for URLs loaded through <iframe mozbrowser>. That's fodder for a separate bug though.
Attachment #695844 -
Flags: review?(jonas) → review+
Assignee | ||
Comment 5•12 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/5e425fc7bf37
Comment 6•12 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/5e425fc7bf37
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Comment 7•12 years ago
|
||
https://hg.mozilla.org/releases/mozilla-aurora/rev/0687a40d2076 https://hg.mozilla.org/releases/mozilla-b2g18/rev/4c0b7ae362ba
status-b2g18:
--- → fixed
status-firefox19:
--- → fixed
status-firefox20:
--- → fixed
Target Milestone: --- → B2G C3 (12dec-1jan)
You need to log in
before you can comment on or make changes to this bug.
Description
•