Hi,
> What's the specific warning message given?
I will add it to the end of the email.
> However I am
> pretty sure jQuery UI point that to a function.
Yeah.
> We should workaround the limitation of this kind of false positive
> either by manual review or hash checking of libraries, if possible.
So you think it will be possible to use libraries like jQuery in the
future for privileged apps? If so then I will wait until it is possible
before I send it in again to the marketplace.
/Jeena
---------------
js/jquery.js
420
421
422
if ( !document.body ) {
return setTimeout( jQuery.ready );
}
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.js
536
537
538
if ( parsed ) {
return [ context.createElement( parsed[1] ) ];
}
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.js
569
570
return ( new Function( "return " + data ) )();
}
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.js
611
612
613
( window.execScript || function( data ) {
window[ "eval" ].call( window, data );
} )( data );
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.js
926
927
// Handle it asynchronously to allow scripts the opportunity to delay ready
setTimeout( jQuery.ready );
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.js
3449
3450
for ( i in { submit: true, change: true, focusin: true }) {
div.setAttribute( eventName = "on" + i, "t" );
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.js
4006
4007
4008
return this.queue( type, function( next, hooks ) {
var timeout = setTimeout( next, time );
hooks.stop = function() {
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.js
5989
5990
5991
while ( list.length ) {
safeFrag.createElement(
list.pop()
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.js
7298
7299
7300
function actualDisplay( name, doc ) {
var elem = jQuery( doc.createElement( name ) ).appendTo( doc.body ),
display = jQuery.css( elem[0], "display" );
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.js
8481
script = document.createElement("script");
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.js
8787
8788
8789
// retrieved directly we need to fire the callback
setTimeout( callback );
} else {
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.js
9519
9520
9521
if ( !timerId ) {
timerId = setInterval( jQuery.fx.tick, jQuery.fx.interval );
}
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.mobile.js
784
785
786
var instance = this;
return setTimeout( handlerProxy, delay || 0 );
},
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.mobile.js
1403
1404
timeout_id = setTimeout( poll, $.fn[ str_hashchange ].delay );
};
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.mobile.js
3427
3428
3429
// Promise a held call will still execute
heldCall = setTimeout( handler, throttle - diff );
}
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.mobile.js
3996
3997
3998
delayedSetLastScroll = function() {
setTimeout( setLastScroll, 100 );
};
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.mobile.js
4110
4111
4112
// defer execution for consistency between webkit/non webkit
setTimeout( callback, 0 );
return $( this );
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.mobile.js
4428
4429
4430
// hide after delay
setTimeout( $.mobile.hidePageLoadingMsg, 1500 );
}
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.mobile.js
5587
5588
5589
else {
buttonInner = document.createElement( o.wrapperEls );
buttonText = document.createElement( o.wrapperEls );
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.mobile.js
5588
5589
5590
buttonInner = document.createElement( o.wrapperEls );
buttonText = document.createElement( o.wrapperEls );
}
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.mobile.js
6728
6729
6730
clearTimeout( keyupTimeout );
keyupTimeout = setTimeout( self._keyup, keyupTimeoutBuffer );
});
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.mobile.js
8439
8440
8441
this._resizeData = {
timeoutId: setTimeout( $.proxy( this, "_resizeTimeout" ), 200 ),
winCoords: winCoords
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.mobile.js
10577
10578
10579
} else {
setTimeout( complete, 0 );
}
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.mobile.js
10646
10647
10648
} else {
setTimeout( complete, 0 );
}
CSP Violation Detected
Warning: It appears that your code may be performing an action which
violates the CSP (content security policy) for privileged apps.
You can find more information about what is and is not allowed by the
CSP on the Mozilla Developers website.
https://developer.mozilla.org/en-US/docs/Security/CSP
js/jquery.mobile.js
11090
11091
// this ensures the rendering class is removed after 5 seconds, so
content is visible and accessible
setTimeout( hideRenderingClass, 5000 );
>> setTimeout( setLastScroll, 100 );
>>
>> I understand that it is like using plain eval() and that it is good that
>> this is not allowed on my phone.
>>
>> So my question is: Do you know any mobile library which I could use to
>> write my privileged application for Firefox OS without writing all the
>> list views-, navigation-, transitions code myself manually?
>>
>> /Jeena
>> _______________________________________________
>> dev-b2g mailing list
>> [email protected]
>> https://lists.mozilla.org/listinfo/dev-b2g
>
>
>
_______________________________________________
dev-webapps mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-webapps
