1248165
|
|
Ability to execute an userdefined script
|
Core
|
Security: CAPS
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1464504
|
|
Links directing to "file:" addresses are eating part of the UNC
|
Core
|
Security: CAPS
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1481749
|
|
saml post is missing since Firefox 57 Quantum
|
Core
|
Security: CAPS
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1482368
|
|
same origin policy for file: URI and NTFS symlink and junction point
|
Core
|
Security: CAPS
|
nobody
|
UNCO
|
---
|
2024-05-30
|
49768
|
|
Better integration between caps and PSM for getting cert info
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
410700
|
|
Security checks for file:// URIs is horribly slow.
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
424261
|
|
Tests needed for new file:// URI security scheme.
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
92678
|
|
Local file with 'base href' cannot load local JS script
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-12
|
1279236
|
|
Fix CAPS test for chrome:// linkage from img tags on the web to rely on test-only image URIs
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-11
|
1292302
|
|
make constructing nsExpandedPrincipal more efficient
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-11
|
1500346
|
|
POST method not work in simple form (replaced with GET)
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-11
|
1508742
|
|
Fast inline helpers shadowed in BasePrincipal
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-11
|
1665681
|
|
Defer running script within XULTabAccessible::NativeState
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2020-09-17
|
1713645
|
|
Consider splitting up partitionKey origin attribute
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2021-08-18
|
81297
|
|
setAttribute("src","localfile") results in a security error
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
286378
|
|
failure to retrieve string should not trump setting an exception
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
486311
|
|
nsScriptSecurityManager getService call chain shouldn't rely on intl/stringbundle
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2023-12-11
|
1900123
|
|
Intermittent caps/tests/mochitest/test_loadLocalFont.html | single tracking bug
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
Sun 23:33
|
96680
|
|
deloading of HTTP handler from nsScriptSecurityManager::InitPrincipals
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
110664
|
|
Permission denied to get property NodeList.length
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
123248
|
|
[RFE] PER-SITE java[script]/cookie security in status line
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
159135
|
|
[RFE] Block browsing of file system through Address/Location bar
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
180410
|
|
setCanEnablePrivilege() not working as expected, first called?
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
209293
|
|
Permission denied to get property HTMLImageElement.src
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
248207
|
|
UniversalPhishing (UniversalWebApp) privileges
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
294381
|
|
Need better CanExecuteScripts() api
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
302846
|
|
nsSecurityManager::GetBaseURIScheme should assume "about safe"
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
304048
|
|
xpconnect getters/setters don't have principals until after they pass or fail their security check
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
313458
|
|
Choosing "view background image" on right click menu for the yellow warning triangle on error page generates JS Console error
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
356113
|
|
Javascript on Firefox and Mozilla doesn't works correctly with Framesets, when on Serverside apache works with port-remapping
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
359197
|
|
Scriptable variant of nsISecurityManager.canExecuteScript() wanted
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
400336
|
|
XPath can bypass CAPS denying permission to reach a DOM node
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
418429
|
|
"Node was not found" error in this case, should work just fine
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
424860
|
|
Change nsContentUtils::URIIsLocalFile() name or signature
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
425880
|
|
GetPrincipalDomainOrigin might need tweaking with strict file:// origins
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
457896
|
|
Same-origin policy for local files doesn't work with symlinked directories
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
533638
|
|
pushContextPrincipal should allow a null JSContext
|
Core
|
Security: CAPS
|
dveditz
|
NEW
|
---
|
2022-10-10
|
424114
|
|
internal same-origin checks are noisy, should be quiet
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-10
|
475940
|
|
Expose nsSameOriginChecker for shared use
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-10
|
689444
|
|
ASSERTION: Uh, cx is not the current JS context!
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-10
|
731122
|
|
segfault in xulrunner when running pyxpcom+hulahop
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-10
|
776296
|
|
Enable extendedOrigin tests on Windows
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-10
|
776297
|
|
Add three layers frames tests for bug 758258
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2024-02-27
|
794923
|
|
Make window.netscape getter warn about the property going away
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-10
|
951575
|
|
CAPS does not work in Nightly(Holly)29.0a1
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-11
|
963996
|
|
Startup crash at nsContentUtils::IsCallerChrome
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-11
|
1042975
|
|
Remove security.checkloaduri pref from all.js as it's no longer in use
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-11
|
1142819
|
|
nsScriptSecurityManager::CanCreateWrapper does not use its aObj argument
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-11
|
1195451
|
|
nsStandardURL::SetHostPort should reset the port to default if no port is present
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-11
|
1195459
|
|
nsStandardURL::SetHost should treat ipv6 hosts the same as nsStandardURL::GetHost
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-11
|
1252794
|
|
remove frameType from nsIDocShell.idl
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-11
|
1431771
|
|
consider not requiring object identity for null principal equality
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-11
|
1433181
|
|
consider making GetChannelResultPrincipal() return the same null principal every time its called for the same data URL nsIChannel
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-11
|
1528272
|
|
Move ContentPrincipal::mDomain to RealmPrivate
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-11
|
1619242
|
|
Some attributes on nsIPrincipals shouldn't be [noscript]
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-11
|
1649329
|
|
Intermittent caps/tests/mochitest/test_bug1367586.html | application crashed [@ libc.so + 0x8c66a]
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-10-11
|
1665056
|
|
The "security.fileuri.strict_origin_policy" pref should be latched at startup and not updated because it causes cross-process principal inconsistencies
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2022-12-26
|
1667440
|
|
Should OriginAttributes::EqualsIgnoringFPD look at mPartitionKey?
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2021-07-20
|
1810590
|
|
Accessing invalid/revoked object URLs logs Security Error instead of Network Error
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2023-02-07
|
1865119
|
|
nsIPrincipal::EqualsURI name misleading. Should be called nsIPrincipal::EqualsURIExceptRef
|
Core
|
Security: CAPS
|
nobody
|
NEW
|
---
|
2023-11-27
|
468572
|
|
Expose a method to determine whether two channels (or a principal and a channel) are same-origin
|
Core
|
Security: CAPS
|
dveditz
|
REOP
|
---
|
2022-10-10
|