Security/Reviews/NetworkMonitor: Difference between revisions

no edit summary
No edit summary
No edit summary
 
Line 54: Line 54:
<tr>
<tr>
<td>Joe / Honza </td>
<td>Joe / Honza </td>
<td> </td>
<td>757432 </td>
<td><Look at restricting privileges of the iframe. CSP possible if navigation is not allowed, otherwise look at docshell tricks / iframe sandbox</td>
<td><Look at restricting privileges of the iframe. CSP possible if navigation is not allowed, otherwise look at docshell tricks / iframe sandbox</td>
<td>before Aurora </td>
<td>before Aurora </td>
Line 61: Line 61:
<tr>
<tr>
<td>Joe / Honza </td>
<td>Joe / Honza </td>
<td> </td>
<td>757434 </td>
<td>put in a check that URL is http / https </td>
<td>put in a check that URL is http / https </td>
<td>before Aurora </td>
<td>before Aurora </td>
canmove, Confirmed users, Bureaucrats and Sysops emeriti
2,776

edits