Closed
Bug 874318
Opened 11 years ago
Closed 11 years ago
XOWs shouldn't allow CALL
Categories
(Core :: XPConnect, defect)
Tracking
()
RESOLVED
FIXED
mozilla24
People
(Reporter: bholley, Assigned: bholley)
Details
Attachments
(1 file)
|
1.14 KB,
patch
|
mrbkap
:
review+
|
Details | Diff | Splinter Review |
It doesn't come up in the web platform, and probably doesn't matter, but I still don't think there's any reason why we should be allowing it. Let's see if anything breaks.
|
Assignee | |
Comment 1•11 years ago
|
||
https://tbpl.mozilla.org/?tree=Try&rev=a7f23d3e6cee
|
|
Assignee | |
Comment 2•11 years ago
|
||
Optimistically flagging for review. Feel free to cancel if the try push is orange and I haven't cancelled it yet myself.
Attachment #752003 -
Flags: review?(mrbkap)
|
||
Comment 3•11 years ago
|
||
Comment on attachment 752003 [details] [diff] [review] Don't allow CALL on XOWs. v1 Sure. I'd always sort of thought of this as a purely object-caps model (if you get your hands on a function, you have that capability) but calling a DOM constructor cross origin is probably never a good idea.
Attachment #752003 -
Flags: review?(mrbkap) → review+
|
|
Assignee | |
Comment 4•11 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/39cc37f82756
|
||
Comment 5•11 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/39cc37f82756
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla24
You need to log in
before you can comment on or make changes to this bug.
Description
•