Closed
Bug 1029253
Opened 10 years ago
Closed 9 years ago
(shumway) Redirects on policy files should be disallowed
Categories
(Firefox Graveyard :: Shumway, defect)
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: mwobensmith, Unassigned)
This pertains to content that loads data via flash.net.URLLoader, but likely affects all Flash data-loading APIs.
Currently, Shumway supports master policy files named crossdomain.xml that are located in the root directory of a web server. However, if the file is redirected, the policy file at the final URL is honored. This should be disallowed.
Policy file spec:
http://www.senocular.com/pub/adobe/crossdomain/policyfiles.html
Reporter
Updated • 10 years ago
Severity: normal → major
Updated • 10 years ago
Blocks: shumway-m4
Reporter
Comment 1 • 10 years ago
Rephrased, this is a security issue. A malicious SWF could retrieve a permissive policy file from a domain it controls, and the domain could redirect to a 3rd party and/or intranet site, to perform CSRF.
Assignee
Updated • 9 years ago
Product: Firefox → Firefox Graveyard
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → INCOMPLETE
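
An added example (not from the bug report and not Shumway's code) of the behavior the report asks for: a policy loader that refuses to honor a master policy file reached through a redirect, next to the redirect-following behavior the report describes. The function names, the `SAMPLE_NET` table and the `.example` hosts are constructed for illustration.

```javascript
'use strict';
// Added example; all names and hosts here are hypothetical/constructed.

const MASTER_POLICY_PATH = '/crossdomain.xml';

// URL of the master policy file for the server that hosts targetUrl.
function masterPolicyUrl(targetUrl) {
  return new URL(MASTER_POLICY_PATH, new URL(targetUrl).origin).href;
}

// Constructed stand-in for the network: maps a URL to a canned response.
const SAMPLE_NET = {
  'http://data.example/crossdomain.xml':
    { status: 302, location: 'http://other.example/permissive.xml' },
  'http://other.example/permissive.xml':
    { status: 200, body: '<cross-domain-policy><allow-access-from domain="*"/></cross-domain-policy>' },
  'http://plain.example/crossdomain.xml':
    { status: 200, body: '<cross-domain-policy/>' },
};

// Load the master policy for targetUrl from `net`.
// followRedirects=true models the reported behaviour (the file at the final
// URL is honored); followRedirects=false is the requested behaviour.
function fetchPolicy(net, targetUrl, followRedirects) {
  let url = masterPolicyUrl(targetUrl);
  for (let hops = 0; hops < 5; hops++) {
    const res = net[url];
    if (!res) return { honored: false, reason: 'no-response' };
    if (res.status >= 300 && res.status < 400) {
      // A redirected policy file says nothing about the server we asked.
      if (!followRedirects) return { honored: false, reason: 'redirect-refused' };
      url = new URL(res.location, url).href;
      continue;
    }
    if (res.status !== 200) return { honored: false, reason: 'http-' + res.status };
    return { honored: true, servedFrom: url, body: res.body };
  }
  return { honored: false, reason: 'too-many-redirects' };
}

const target = 'http://data.example/feed.xml';
console.log('following:', fetchPolicy(SAMPLE_NET, target, true));
console.log('refusing: ', fetchPolicy(SAMPLE_NET, target, false));
```

In a loader built on `fetch`, the same refusal is available through the `redirect: 'error'` request option.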