MozillaWiki

Security/Reviews/Gaia/costcontrol: Difference between revisions

Page Discussion

Security/Reviews/Gaia/costcontrol (view source)

Revision as of 17:32, 9 October 2013

336 bytes removed ,  9 October 2013
→‎Security Risks & Mitigating Controls
Line 118: Line 118:


=== Security Risks & Mitigating Controls ===
=== Security Risks & Mitigating Controls ===
* After speaking with developer regarding [https://wiki.mozilla.org/Security/Reviews/Gaia/costcontrol&amp;section=20#Suspicious_but_OK suspected but ok] issues, specifically the dynamically creating <script> tags in view_manager.js, I've learned that in some instances developers depend on innerHTML quirks for "sanitization" purposes.


=== Actions & Recommendations ===
=== Actions & Recommendations ===
Rfletcher
Confirmed users
353

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/725612"