Closed
Bug 965026
Opened 10 years ago
Closed 9 years ago
Audit HomePanel JS APIs to prevent undesired changes and abuse
Categories
(Firefox for Android Graveyard :: Awesomescreen, defect)
Tracking
(Not tracked)
RESOLVED
WORKSFORME
People
(Reporter: mcomella, Assigned: jdover)
References
Details
For example, freeze Objects, prevent access to vital internal objects, and ensure high-performance. Perhaps write a few abusive test cases too (e.g. call this function hundreds of times in succession).
|
||
Updated•10 years ago
|
Assignee: nobody → lucasr.at.mozilla
Priority: -- → P1
|
||
Comment 2•10 years ago
|
||
This may also fall under the scope of the security review happening in bug 987796.
|
Assignee | |
Updated•10 years ago
|
Assignee: nobody → jdover
|
|
||
Comment 3•10 years ago
|
||
A good tool for this would be my kitchen sink add-on: https://github.com/leibovic/hub-kitchen-sink/ I discovered bug 999853 by adding supplying a problematic value for one of the APIs we support. We could try to do all sorts of crazy things with this add-on then make sure it doesn't break the browser. Moving to P2 since this isn't needed for Fx30, but it would be good to address this before we start seriously encouraging developers to use these APIs.
Priority: P1 → P2
|
|
||
Comment 4•10 years ago
|
||
Josh, if you don't have time to work on this, we can make it into a mentor bug. I'm downgrading this from a P2, since there isn't anything really actionable here. We can file separate bugs as we find specific testcases that cause problems.
Flags: needinfo?(bugs)
Priority: P2 → --
|
|
||
Comment 5•9 years ago
|
||
Closing this out, since there isn't anything actionable. We can file bugs if we find problems.
Status: NEW → RESOLVED
Closed: 9 years ago
Flags: needinfo?(bugs)
Resolution: --- → WORKSFORME
|
||
Updated•3 years ago
|
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•