Closed
Bug 13898
Opened 25 years ago
Closed 25 years ago
[Feature] Review data: protocol for security
Categories
(Core :: Security, defect, P3)
Tracking
()
VERIFIED
FIXED
M16
People
(Reporter: norrisboyd, Assigned: security-bugs)
References
Details
Make sure the origin is correct on the script execution from "data:text/html;,<SCRIPT>...</SCRIPT>"
|
Reporter | |
Updated•25 years ago
|
Status: NEW → ASSIGNED
Summary: Review data: protocol for security → Review data: protocol for security
Target Milestone: M14
|
|
Reporter | |
Updated•25 years ago
|
Summary: Review data: protocol for security → [Feature] Review data: protocol for security
Target Milestone: M14 → M15
|
|
Reporter | |
Comment 1•25 years ago
|
||
Push security review tasks off until M16.
Target Milestone: M15 → M16
Bulk moving all Browser Security bugs to new Security: General component. The previous Security component for Browser will be deleted.
Component: Security → Security: General
|
|
Reporter | |
Comment 3•25 years ago
|
||
Check out http://www.nat.bg/~joro/datatrack.html see bugsplat bug #354219
Assignee: norris → mstoltz
Status: ASSIGNED → NEW
|
Assignee | |
Updated•25 years ago
|
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 5•25 years ago
|
||
Mitchell,
Mitchell Stoltz wrote:
>
> Georgi,
> You mentioned in a status report that hou have reviewed the data:
> protocol for security recently. Are we still vulnerable to this exploit?
>
I double checked this potential vulnerability. It is fixed and I can
confirm it does not work on build 2000051520.
Regards,
Georgi Guninski
Marking bug RESOLVED as per Guninski.
Status: ASSIGNED → RESOLVED
Closed: 25 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•