Opened 8 years ago
Closed 6 years ago
#1285 closed defect (fixed)
Add typeof checks to data read from scraper sandbox
| Reported by: | simon | Owned by: | simon |
|---|---|---|---|
| Priority: | major | Milestone: | |
| Component: | ingester | Version: | future |
| Keywords: | Cc: |
Description
A low priority issue, since we vet everything, but at the moment it seems like there are some security issues in translate.js. See https://developer.mozilla.org/En/Components.utils.evalInSandbox
Change History (1)
comment:1 Changed 6 years ago by simon
- Resolution set to fixed
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
(In [6332]) closes #1285, Add typeof checks to data read from scraper sandbox
use XPCSafeJSObjectWrappers to enforce security of everything coming out of translators. this seems to work, but needs testing.