202
edits
Security/Sandbox/Deny Filesystem Access: Difference between revisions
Jump to navigation
Jump to search
Security/Sandbox/Deny Filesystem Access (view source)
Revision as of 19:12, 18 May 2016
, 18 May 2016→Cross-Platform Blockers
Haftandilian (talk | contribs) (→Status) |
Haftandilian (talk | contribs) |
||
| Line 32: | Line 32: | ||
| {{bug|1136836}} Load chrome: URLs through parent process || Blocks disabling read access to $HOME || Addons can load scripts and resources from the profile directory using chrome:// and resource:// URL's. An add-on calling loadFromScript("chrome://foo/bar") from the Parent process results in Content trying to load that URL. | | {{bug|1136836}} Load chrome: URLs through parent process || Blocks disabling read access to $HOME || Addons can load scripts and resources from the profile directory using chrome:// and resource:// URL's. An add-on calling loadFromScript("chrome://foo/bar") from the Parent process results in Content trying to load that URL. | ||
|- | |- | ||
| {{bug|1109293}} Desktop content process resource:// and moz-extension:// URIs should not directly use file:/// || | | {{bug|1109293}} Desktop content process resource:// and moz-extension:// URIs should not directly use file:/// || Might block how we handle file:// URI's || | ||
The content process is using resource:// and moz-extension:// URI's that resolve to file:// URI's, but we want to treat these URI's differently compared to file:// URI's. | |||
|} | |} | ||