superreview granted: [Bug 354693] [FIX] Security checks for channel redirects inconsistent with document principals : [Attachment 240472] Fix

Jonas Sicking <bugmail@sicking.cc> has granted Boris Zbarsky
<bzbarsky@mit.edu>'s request for superreview:
Bug 354693: [FIX] Security checks for channel redirects inconsistent with
document principals
https://bugzilla.mozilla.org/show_bug.cgi?id=354693

Attachment 240472: Fix
https://bugzilla.mozilla.org/attachment.cgi?id=240472&action=edit

------- Additional Comments from Jonas Sicking <bugmail@sicking.cc>
sr=sicking
0
bugzilla
11/22/2006 1:41:25 AM
mozilla.dev.super-review 29307 articles. 3 followers. Post Follow

0 Replies
472 Views

Similar Articles

[PageSpeed] 12

Reply:

Similar Artilces:

superreview requested: [Bug 354693] [FIX] Security checks for channel redirects inconsistent with document principals : [Attachment 240472] Fix
Boris Zbarsky <bzbarsky@mit.edu> has asked Jonas Sicking <bugmail@sicking.cc> for superreview: Bug 354693: [FIX] Security checks for channel redirects inconsistent with document principals https://bugzilla.mozilla.org/show_bug.cgi?id=354693 Attachment 240472: Fix https://bugzilla.mozilla.org/attachment.cgi?id=240472&action=edit ------- Additional Comments from Boris Zbarsky <bzbarsky@mit.edu> dveditz, I just want your review on the security manager changes; I think sicking can handle all the XUL stuff. Summary of changes: 1) Make redirect check consist...

superreview granted: [Bug 342489] [FIX]Security check in InstallTriggerCheckLoadURIFromScript is odd : [Attachment 226737] Fix
Daniel Veditz <dveditz@cruzio.com> has granted Boris Zbarsky (gone June 26 -- Jul 13) <bzbarsky@mit.edu>'s request for superreview: Bug 342489: [FIX]Security check in InstallTriggerCheckLoadURIFromScript is odd https://bugzilla.mozilla.org/show_bug.cgi?id=342489 Attachment 226737: Fix https://bugzilla.mozilla.org/attachment.cgi?id=226737&action=edit ------- Additional Comments from Daniel Veditz <dveditz@cruzio.com> r/sr=dveditz ...

superreview granted: [Bug 343065] [FIX]DOMSerializer does security checks against URIs, not principals : [Attachment 227494] 1.8 branch patch
Peter Van der Beken <peterv@propagandism.org> has granted Boris Zbarsky (gone June 26 -- Jul 13) <bzbarsky@mit.edu>'s request for superreview: Bug 343065: [FIX]DOMSerializer does security checks against URIs, not principals https://bugzilla.mozilla.org/show_bug.cgi?id=343065 Attachment 227494: 1.8 branch patch https://bugzilla.mozilla.org/attachment.cgi?id=227494&action=edit ...

superreview granted: [Bug 332840] [FIX]DOMParser gets wrong principal if no JS on stack (reload all live bookmarks produces security error in console) : [Attachment 236487] Fix the issue sicking point
Johnny Stenback <jst@mozilla.org> has granted Boris Zbarsky <bzbarsky@mit.edu>'s request for superreview: Bug 332840: [FIX]DOMParser gets wrong principal if no JS on stack (reload all live bookmarks produces security error in console) https://bugzilla.mozilla.org/show_bug.cgi?id=332840 Attachment 236487: Fix the issue sicking pointed out, and actually do the security check we should have been doing to make sure our args are not fake or anything. https://bugzilla.mozilla.org/attachment.cgi?id=236487&action=edit ------- Additional Comments from Johnny Stenback &l...

superreview granted: [Bug 282615] DOMSerializer's security checks don't take capabilities into account. : [Attachment 174606] Fix (diff -w for reviews)
Boris Zbarsky <bzbarsky@mit.edu> has granted Johnny Stenback <jst@mozilla.org>'s request for superreview: Bug 282615: DOMSerializer's security checks don't take capabilities into account. https://bugzilla.mozilla.org/show_bug.cgi?id=282615 Attachment 174606: Fix (diff -w for reviews) https://bugzilla.mozilla.org/attachment.cgi?id=174606&action=edit ------- Additional Comments from Boris Zbarsky <bzbarsky@mit.edu> sr=bzbarsky ...

superreview granted: [Bug 331620] [FIX]document.write on already open document clears it in some cases : [Attachment 217117] Fix
Johnny Stenback <jst@mozilla.org> has granted Boris Zbarsky <bzbarsky@mit.edu>'s request for superreview: Bug 331620: [FIX]document.write on already open document clears it in some cases https://bugzilla.mozilla.org/show_bug.cgi?id=331620 Attachment 217117: Fix https://bugzilla.mozilla.org/attachment.cgi?id=217117&action=edit ------- Additional Comments from Johnny Stenback <jst@mozilla.org> sr=jst ...

superreview granted: [Bug 281922] [FIX]iframe document region is not updated in this testcase : [Attachment 189212] Patch that fixes this bug for me
Johnny Stenback <jst@mozilla.org> has granted Boris Zbarsky <bzbarsky@mit.edu>'s request for superreview: Bug 281922: [FIX]iframe document region is not updated in this testcase https://bugzilla.mozilla.org/show_bug.cgi?id=281922 Attachment 189212: Patch that fixes this bug for me https://bugzilla.mozilla.org/attachment.cgi?id=189212&action=edit ------- Additional Comments from Johnny Stenback <jst@mozilla.org> r+sr=jst ...

superreview granted: [Bug 280214] [FIX]views don't get updated with SVG generated in XUL documents : [Attachment 172726] This fixes the bug for me
Robert O'Callahan (Novell) <roc@ocallahan.org> has granted Boris Zbarsky <bzbarsky@mit.edu>'s request for superreview: Bug 280214: [FIX]views don't get updated with SVG generated in XUL documents https://bugzilla.mozilla.org/show_bug.cgi?id=280214 Attachment 172726: This fixes the bug for me https://bugzilla.mozilla.org/attachment.cgi?id=172726&action=edit ...

superreview canceled: [Bug 396443] SVG documents only documents that don't do an Enumerate security check : [Attachment 307737] Fix.
Johnny Stenback (:jst) <jst@mozilla.org> has canceled Johnny Stenback (:jst) <jst@mozilla.org>'s request for superreview: Bug 396443: SVG documents only documents that don't do an Enumerate security check https://bugzilla.mozilla.org/show_bug.cgi?id=396443 Attachment 307737: Fix. https://bugzilla.mozilla.org/attachment.cgi?id=307737&action=edit ------- Additional Comments from Johnny Stenback (:jst) <jst@mozilla.org> Same thing, but makes the security checks in the enumerate hook debug only, and make them only assert. ...

superreview requested: [Bug 396443] SVG documents only documents that don't do an Enumerate security check : [Attachment 307737] Fix.
Johnny Stenback (:jst) <jst@mozilla.org> has asked Blake Kaplan <mrbkap@gmail.com> for superreview: Bug 396443: SVG documents only documents that don't do an Enumerate security check https://bugzilla.mozilla.org/show_bug.cgi?id=396443 Attachment 307737: Fix. https://bugzilla.mozilla.org/attachment.cgi?id=307737&action=edit ------- Additional Comments from Johnny Stenback (:jst) <jst@mozilla.org> Yeah, I see no reason why we wouldn't want this, especially now that window.document is no longer allAccess which means that other origins shouldn't be a...

superreview granted: [Bug 206053] [FIX]document.getElementsByTagName('tagname') with XML document wrongly includes elements with namespace prefix in the tag name : [Attachment 218840] Fix
Johnny Stenback <jst@mozilla.org> has granted Boris Zbarsky <bzbarsky@mit.edu>'s request for superreview: Bug 206053: [FIX]document.getElementsByTagName('tagname') with XML document wrongly includes elements with namespace prefix in the tag name https://bugzilla.mozilla.org/show_bug.cgi?id=206053 Attachment 218840: Fix https://bugzilla.mozilla.org/attachment.cgi?id=218840&action=edit ------- Additional Comments from Johnny Stenback <jst@mozilla.org> sr=jst ...

superreview granted: [Bug 245066] [internal] nsPop3Protocol.cpp, back out fix for bug #157644, since david has fixed the problem another way (bug #229374) : [Attachment 156344] proposed fix
Scott MacGregor <mscott@mozilla.org> has granted David Bienvenu <bienvenu@nventure.com>'s request for superreview: Bug 245066: [internal] nsPop3Protocol.cpp, back out fix for bug #157644, since david has fixed the problem another way (bug #229374) http://bugzilla.mozilla.org/show_bug.cgi?id=245066 Attachment 156344: proposed fix http://bugzilla.mozilla.org/attachment.cgi?id=156344&action=edit ...

superreview granted: [Bug 206053] [FIX]document.getElementsByTagName('tagname') with XML document wrongly includes elements with namespace prefix in the tag name : [Attachment 223159] Fix for searchWi
Scott MacGregor <mscott@mozilla.org> has granted neil@parkwaycc.co.uk <neil@httl.net>'s request for superreview: Bug 206053: [FIX]document.getElementsByTagName('tagname') with XML document wrongly includes elements with namespace prefix in the tag name https://bugzilla.mozilla.org/show_bug.cgi?id=206053 Attachment 223159: Fix for searchWidgets.xml https://bugzilla.mozilla.org/attachment.cgi?id=223159&action=edit ------- Additional Comments from Scott MacGregor <mscott@mozilla.org> thanks a lot for fixing this Neil. ...

superreview requested: [Bug 342489] [FIX]Security check in InstallTriggerCheckLoadURIFromScript is odd : [Attachment 226737] Fix
Boris Zbarsky (gone June 26 -- Jul 13) <bzbarsky@mit.edu> has asked Daniel Veditz <dveditz@cruzio.com> for superreview: Bug 342489: [FIX]Security check in InstallTriggerCheckLoadURIFromScript is odd https://bugzilla.mozilla.org/show_bug.cgi?id=342489 Attachment 226737: Fix https://bugzilla.mozilla.org/attachment.cgi?id=226737&action=edit ...

Web resources about - superreview granted: [Bug 354693] [FIX] Security checks for channel redirects inconsistent with document principals : [Attachment 240472] Fix - mozilla.dev.super-review

Resources last updated: 12/23/2015 1:09:23 AM