[tor-bugs] #10285 [Firefox Patch Issues]: Write test pages for certain FF24 features
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Dec 4 08:08:07 UTC 2013
#10285: Write test pages for certain FF24 features
----------------------------------+---------------------
Reporter: mikeperry | Owner: gk
Type: task | Status: new
Priority: major | Milestone:
Component: Firefox Patch Issues | Version:
Keywords: ff24-esr | Actual Points:
Parent ID: | Points:
----------------------------------+---------------------
There are a couple of new Firefox features that may behave in unacceptable
ways on some platforms. In particular, the web notifications api
(https://developer.mozilla.org/en-US/docs/WebAPI/Using_Web_Notifications)
could potentially introduce proxy bypass similar to what we saw with drag
and drop url sniffing by the OS Desktop.
Similarly, if https://developer.mozilla.org/en-
US/docs/Web/API/ClipboardEvent.clipboardData is able to randomly inspect
the clipboard, this could be very privacy invasive. We should ensure that
the clipboard APIs either ask the user first, or otherwise only interact
with clipboard data originating from that same page.
There were also some changes to the Download Manager in terms of how it
executes helper apps, and to the external app launcher's threading
behavior. We should verify that our external app blocker still asks the
user for confirmation in these cases:
https://bugzilla.mozilla.org/show_bug.cgi?id=858234
https://bugzilla.mozilla.org/show_bug.cgi?id=789932
Finally, support for querying and inspecting font variants was introduced.
Do our font limit counters still apply in that case? Should they?
https://bugzilla.mozilla.org/show_bug.cgi?id=549861
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10285>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list