Closed
Bug 1232295
Opened 9 years ago
Closed 9 years ago
Fix HTMLDocument.open's signature
Categories
(Core :: DOM: Core & HTML, defect)
Core
DOM: Core & HTML
Tracking
()
RESOLVED
FIXED
People
(Reporter: Ms2ger, Assigned: Ms2ger)
References
(Depends on 1 open bug)
Details
(Keywords: sec-moderate, Whiteboard: [post-critsmash-triage][adv-main46+])
Attachments
(1 file)
(deleted),
patch
|
khuey
:
review+
|
Details | Diff | Splinter Review |
Not sure how bad this is, but it triggers the assertion in AssertReturnTypeMatchesJitinfo (null instead of object).
Assignee | ||
Comment 1•9 years ago
|
||
Attachment #8697998 -
Flags: review?(khuey)
Comment on attachment 8697998 [details] [diff] [review]
Patch v1
Review of attachment 8697998 [details] [diff] [review]:
-----------------------------------------------------------------
A test?
Attachment #8697998 -
Flags: review?(khuey) → review+
Assignee | ||
Comment 3•9 years ago
|
||
The way I found this was due to the popup blocker being enabled; I'll try to find a way to trigger it with it disabled (like we do in tests).
Updated•9 years ago
|
Keywords: sec-moderate
Updated•9 years ago
|
Group: core-security → dom-core-security
Updated•9 years ago
|
Summary: Fix HTMLElement#open's signature. → Fix HTMLDocument.open's signature.
Updated•9 years ago
|
Group: dom-core-security → core-security-release
Updated•9 years ago
|
Flags: qe-verify-
Whiteboard: [post-critsmash-triage]
Updated•9 years ago
|
status-firefox45:
--- → wontfix
status-firefox-esr45:
--- → wontfix
Whiteboard: [post-critsmash-triage] → [post-critsmash-triage][adv-main46+]
Updated•9 years ago
|
Alias: CVE-2016-2815
Summary: Fix HTMLDocument.open's signature. → Fix HTMLDocument.open's signature
Updated•9 years ago
|
Alias: CVE-2016-2815
Updated•8 years ago
|
Group: core-security-release
Updated•6 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•