[Webkit-unassigned] [Bug 153889] New: CustomGetterSetter accessors should only work on objects from the same global object
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Feb 4 13:01:31 PST 2016
https://bugs.webkit.org/show_bug.cgi?id=153889
Bug ID: 153889
Summary: CustomGetterSetter accessors should only work on
objects from the same global object
Classification: Unclassified
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: JavaScriptCore
Assignee: webkit-unassigned at lists.webkit.org
Reporter: oliver at apple.com
CC: cdumez at apple.com
In order to be safe from information leakage we should make the CustomGetterSetter functions require that the |this| object and the argument (in the case of setters) be from that same origin as the getter/setter function itself.
This is simply a guaranteed hardening against leakage, and as we haven't historically exposed this kind of information it can't be a regression.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160204/8c645378/attachment-0001.html>
More information about the webkit-unassigned
mailing list