Closed
Bug 925802
Opened 12 years ago
Closed 12 years ago
Nothing enforces that mozAnon is set to true for mozSystem XHRs
Categories
(Core :: DOM: Core & HTML, defect)
RESOLVED DUPLICATE of bug 927196
People
(Reporter: sicking, Unassigned)
Details
The following call should always fail:
new XMLHttpRequest({ mozSystem: true });
Instead you are supposed to be required to do
new XMLHttpRequest({ mozSystem: true, mozAnon: true });
I.e. setting mozSystem to true should only be allowed when mozAnon is set to true. I don't see that being enforced anywhere in the code. This is a security problem and should block.
The fix is trivial, but we also need tests.
Can we backport a fix to 1.1 still? If not we should take this for 1.2.
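The check and the tests the report asks for, as an added example that is not part of the original bug or Gecko's code. It models the constructor-parameter validation in plain JavaScript; `checkXhrParams`, `member`, `policyMatrix` and the error message are hypothetical, and the test cases are constructed.

```javascript
// Model of the check requested in this bug. Not Gecko code:
// checkXhrParams, member and policyMatrix are hypothetical names.

// WebIDL dictionary conversion: a missing member defaults to false and a
// present one is coerced with ToBoolean, so the string "false" becomes true.
function member(params, name) {
  if (params === undefined || params === null) return false;
  return Boolean(params[name]);
}

// Returns the normalized flags, or throws when mozSystem is requested
// without mozAnon, the combination the report says must always fail.
function checkXhrParams(params) {
  const mozAnon = member(params, "mozAnon");
  const mozSystem = member(params, "mozSystem");
  if (mozSystem && !mozAnon) {
    throw new Error("mozSystem requires mozAnon"); // error type is an assumption
  }
  return { mozAnon, mozSystem };
}

// Constructed cases: [label, params, should the constructor succeed?]
const CASES = [
  ["no params", undefined, true],
  ["empty dict", {}, true],
  ["anon only", { mozAnon: true }, true],
  ["system only", { mozSystem: true }, false],
  ["system + anon", { mozSystem: true, mozAnon: true }, true],
  ["system, anon false", { mozSystem: true, mozAnon: false }, false],
  ["system, anon 0", { mozSystem: true, mozAnon: 0 }, false],
  ["truthy system", { mozSystem: 1 }, false],
  ["anon is the string 'false'", { mozSystem: true, mozAnon: "false" }, true],
];

// Runs every case and reports whether the outcome matches the expectation.
function policyMatrix() {
  return CASES.map(([label, params, expected]) => {
    let actual = true;
    try { checkXhrParams(params); } catch (e) { actual = false; }
    return { label, expected, actual, pass: expected === actual };
  });
}

for (const row of policyMatrix()) {
  console.log(`${row.pass ? "PASS" : "FAIL"}  ${row.label}`);
}
```

The last case passes because boolean coercion treats any non-empty string as true, so a test suite for the real constructor should cover coerced values as well as literal booleans.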
Comment 1•12 years ago (Reporter)
Patches happening in bug 927196.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
Updated•12 years ago
blocking-b2g: leo? → ---
Updated•10 years ago
Group: core-security → core-security-release
Updated•9 years ago
Group: core-security-release
Updated•7 years ago (Assignee)
Component: DOM → DOM: Core & HTML