[Bug 28778] New: Should probably perform security checks on arguments too, not just this values

https://www.w3.org/Bugs/Public/show_bug.cgi?id=28778

            Bug ID: 28778
           Summary: Should probably perform security checks on arguments
                    too, not just this values
           Product: WebAppsWG
           Version: unspecified
          Hardware: PC
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: WebIDL
          Assignee: cam@mcc.id.au
          Reporter: bzbarsky@mit.edu
        QA Contact: public-webapps-bugzilla@w3.org
                CC: mike@w3.org, public-script-coord@w3.org

Otherwise any API that takes a Window or EventTarget argument and operates on
it without a security check is a security hole.  It's simpler to just do the
security check in the IDL layer, imo.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Received on Monday, 8 June 2015 02:11:12 UTC