[Webkit-unassigned] [Bug 33616] New: Inspector interface allows insecure data transfer

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Jan 13 12:22:13 PST 2010


https://bugs.webkit.org/show_bug.cgi?id=33616

           Summary: Inspector interface allows insecure data transfer
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Mac OS X 10.5
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore JavaScript
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: ggaren at apple.com


From https://bugs.webkit.org/show_bug.cgi?id=33469:

> 2. I don't think interfaces like this are safe:
> 
> +    ScriptObject injectedScriptFor(ScriptState*);
> +    ScriptObject injectedScriptForId(long);
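
Review bot: injectedScriptForId(long) takes a bare long, and neither declaration carries a comment saying what is returned when no injected script exists for the given id or ScriptState. Document that case next to the declarations, and consider a dedicated id type in place of long so that an arbitrary integer cannot be passed as an id.
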
> 
> Because you're giving out a generic object, the client of the interface can do
> anything with the object, including passing it unsafe data. It would be better
> if the C++ object wrapping the "injected script" controlled all interaction
> with it, to ensure that no non-primitive data leaked across the boundary.

Eventually we will create a typed interface for that object. Currently it is
used only as a ScriptFunctionCall argument, but we should restrict the set of
functions that can be called on that object; it would make the injected script
interface clearer. We've already done a similar thing in InspectorFrontend.cpp.
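
The wrapper design proposed in the quoted review, as an added example that is not part of the original message or of WebKit's code. It is a self-contained C++ toy model: `GenericScriptObject`, `InjectedScriptHandle`, `PageObjectRef` and the function names `evaluate` and `releaseGroup` are all hypothetical.

```cpp
#include <string>
#include <variant>
#include <vector>

// Toy model for illustration only; these are not WebKit's real classes.
struct PageObjectRef { int id; };   // stands for non-primitive, page-controlled data
using Value = std::variant<long, bool, std::string, PageObjectRef>;

// Generic handle: any function name, any argument, nothing is checked.
struct GenericScriptObject {
    std::vector<std::string> calls; // record of what crossed the boundary
    void call(const std::string& fn, const std::vector<Value>& args) {
        std::string entry = fn + ":";
        for (const Value& v : args)  // O = object argument, P = primitive argument
            entry += std::holds_alternative<PageObjectRef>(v) ? "O" : "P";
        calls.push_back(entry);
    }
};

// Typed wrapper: owns the generic object and exposes a fixed set of
// functions (hypothetical names) whose parameters are primitives only.
class InjectedScriptHandle {
public:
    void evaluate(const std::string& expression, long callId) {
        m_object.call("evaluate", {Value(expression), Value(callId)});
    }
    void releaseGroup(const std::string& group) {
        m_object.call("releaseGroup", {Value(group)});
    }
    const std::vector<std::string>& calls() const { return m_object.calls; }
private:
    GenericScriptObject m_object;   // never handed to clients
};

// With the generic object, a client can push a page object across.
std::string genericClient() {
    GenericScriptObject object;
    object.call("anyFunction", {Value(PageObjectRef{7})});
    return object.calls.back();     // "anyFunction:O"
}

// With the wrapper, only the two primitive-typed calls can be written.
std::string wrappedClient() {
    InjectedScriptHandle handle;
    handle.evaluate("document.title", 1);
    handle.releaseGroup("console");
    return handle.calls()[0] + "," + handle.calls()[1];
}

int main() { return genericClient() == "anyFunction:O" ? 0 : 1; }
```
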
