Line 46: | Line 46: | ||
** maybe we should have a per-tab limit so a single tab can't eat your networking limits | ** maybe we should have a per-tab limit so a single tab can't eat your networking limits | ||
* the spec specifies the event stream format and how to parse it - possible input validation threat here. how complex is the parser? should it get fuzzing and/or extra review? | * the spec specifies the event stream format and how to parse it - possible input validation threat here. how complex is the parser? should it get fuzzing and/or extra review? | ||
** The current spec offers 5 commands incl. the comment command ":". The syntax for each command is: "command_name: data EOL". Current fuzz tests showed no results 07/02/11. | |||
* Does this allow events to be fired (at web pages) at times when it would be unusual for events to fire? | * Does this allow events to be fired (at web pages) at times when it would be unusual for events to fire? | ||
* Do we have tests to ensure we don't crash/deadlock/leak if a script responds to receiving an event by: | * Do we have tests to ensure we don't crash/deadlock/leak if a script responds to receiving an event by: |
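Review bot: In the added sub-bullet under the parser question, "Current fuzz tests showed no results 07/02/11" is ambiguous on two counts. "No results" can mean that fuzzing found no crashes or that it has not produced any output yet, and the date can be read in day/month or month/day order. Suggest stating what was fuzzed and with what tool or corpus, what "no results" means (for example, no crashes or hangs observed), and writing the date in an unambiguous form. The sub-bullet also gives the syntax as "command_name: data EOL" without saying how the parser handles lines that deviate from it, which is the input the parent bullet's validation concern is about. The parent's other question, whether the parser should get extra review, is still unanswered.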