217195 (patch by Jesse Ruderman) - security hole in markLinkVisited (exploited with link.href usage)

219875 (patch by Mike Connor) - localize strings for provisional security UI in Advanced Options panel
ben%bengoodger.com 2003-09-23 19:34:25 +00:00
Родитель 1f9b196855
Коммит b6cc06fec0
3 изменённых файлов: 16 добавлений и 10 удалений


@ -105,9 +105,17 @@ function markLinkVisited(href, linkNode)
.getService(Components.interfaces.nsIGlobalHistory);
if (!globalHistory.isVisited(href)) {
globalHistory.addPage(href);
var oldHref = linkNode.href;
linkNode.href = "";
linkNode.href = oldHref;
var oldHref = linkNode.getAttribute("href");
if (typeof oldHref == "string") {
// Use setAttribute instead of direct assignment.
// (bug 217195, bug 187195)
linkNode.setAttribute("href", "");
linkNode.setAttribute("href", oldHref);
}
else {
// Converting to string implicitly would be a
// minor security hole (similar to bug 202994).
}
}
}
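Review bot: The `typeof oldHref == "string"` guard covers only the value read back from the node; the `href` parameter is still passed to `globalHistory.isVisited(href)` and `globalHistory.addPage(href)` with no type check. If a caller derives that argument from `linkNode.href` (callers are not visible here), the implicit string conversion the new comment warns about could still happen at those calls. Consider an early `if (typeof href != "string") return;` before the history lookup; the start of `markLinkVisited` lies outside this hunk, so the placement needs checking against the full function. As a style point, the empty `else` that holds only a comment would read more clearly as a comment above the `if`, e.g. `// Non-string href is skipped on purpose: implicit conversion would be a minor security hole (similar to bug 202994).`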


@ -185,9 +185,7 @@
#ifdef PROVISIONAL_SECURITY_UI
<expander id="certs" label="&certs.label;" open="false" persist="open" clearhidden="true">
<description>This section is PROVISIONAL and will change or disappear in future releases!
It exists here now only to provide this functionality where no other access point
is available.</description>
<description>&securityUIDisclaimer.label;</description>
<groupbox align="start">
<caption label="&SSLClientAuthMethod;"/>
<description>&certselect.description;</description>
@ -227,9 +225,7 @@
</expander>
<expander id="validation" label="&validation.label;" open="false" persist="open" clearhidden="true">
<description>This section is PROVISIONAL and will change or disappear in future releases!
It exists here now only to provide this functionality where no other access point
is available.</description>
<description>&securityUIDisclaimer.label;</description>
<groupbox>
<caption label="&validation.crl.label;"/>
<description>&validation.crl.description;</description>


@ -19,6 +19,8 @@
<!ENTITY linksOnlyTypeAheadFind.label "to search links only">
<!-- PROVISIONAL SECURITY UI ONLY -->
<!ENTITY securityUIDisclaimer.label "This section is PROVISIONAL and will change or disappear in future releases! It exists here now only to provide this functionality where no other access point is available.">
<!-- Certs -->
<!ENTITY certs.label "Certificates">
<!ENTITY SSLClientAuthMethod "Client Certificate Selection">