Closed
Bug 764215
Opened 12 years ago
Closed 12 years ago
turn off iframe features ala browserid sandbox
Categories
(Firefox Graveyard :: SocialAPI, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: mixedpuppy, Unassigned)
References
Details
the browserid sandbox turns off a number of iframe features, such as plugins, we need to copy those few lines of code.
|
Reporter | |
Comment 1•12 years ago
|
||
|
|
Reporter | |
Updated•12 years ago
|
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
|
|
Reporter | |
Comment 2•12 years ago
|
||
this caused bustage on windows and was reverted. After a quick chat with MattN, and looking at the actual latest code being used, this was removed from the identity sandboxing as well.
|
||
Comment 3•12 years ago
|
||
the final code that landed in bug 762569 did this, fwiw.
|
||
Comment 4•12 years ago
|
||
This was marked as resolved/fixed, so just want to clarify for myself and the sake of this bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=762569#c25
My understanding is that the frameworker implementation patch does this. I looked in github, I think the code you're referring to is in FW.JSM
379: // Disable some types of content
380: webNav.allowAuth = false;
381: webNav.allowPlugins = false;
382: webNav.allowImages = false;
383: webNav.allowWindowControl = false;
384: // TODO: disable media (bug 759964)
Can you confirm? thx.
|
|
||
Comment 5•12 years ago
|
||
FrameWorker is in mozilla-central now, the code is here:
http://hg.mozilla.org/mozilla-central/annotate/afbb478ed7a1/toolkit/components/social/FrameWorker.jsm#l224
We should expand the test suite coverage for these cases.
Flags: in-testsuite?
|
|
||
Comment 6•12 years ago
|
||
(I also filed bug 771809 on sharing code here)
|
||
Updated•6 years ago
|
Product: Firefox → Firefox Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•