Comment #3 on issue 563 by [email protected]: Domita doesn't always validate the types of values it returns from DOM objects
http://code.google.com/p/google-caja/issues/detail?id=563

Actually, we still don't do type verification in the majority of cases of simple properties, such as NP.ro and NP.rw. However, since r5313, we do tame() the value passed in now, specifically for this class of problem:

       * The taming membrane is applied to values. This should not actually
       * matter because these are intended to be used for primitive-valued
       * properties; we tame as a shortcut to protect against unexpected
       * behavior (or misuse) causing breaches.

It doesn't defend against an already-granted powerful object somehow getting in, but that seems unlikely.

I also have plans to further increase robustness in this area, recorded under a separate issue.
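
A simplified model of the situation this comment describes, added here as an illustration and not taken from Caja or Domita: a getter that only passes its value through a membrane, next to one that also verifies the primitive type. All names (`tame`, `grant`, `roProperty`, `roPrimitiveProperty`) and the membrane's refuse-on-unknown behaviour are assumptions of this sketch.

```javascript
// Simplified model of a taming membrane; hypothetical names, not Caja/Domita code.
const tameTwins = new WeakMap();   // host object -> tame wrapper already granted

function grant(hostObj, tameObj) { tameTwins.set(hostObj, tameObj); }

// Membrane (assumed behaviour): primitives pass through, granted objects map
// to their tame twin, any other host object is refused instead of leaked.
function tame(value) {
  if (value === null || (typeof value !== 'object' && typeof value !== 'function')) {
    return value;
  }
  if (tameTwins.has(value)) { return tameTwins.get(value); }
  throw new TypeError('untamed host object refused');
}

// Getter with no type check: the value is only passed through tame().
function roProperty(host, name) {
  return () => tame(host[name]);
}

// Stricter getter: verifies the declared primitive type before returning.
function roPrimitiveProperty(host, name, type) {
  return () => {
    const v = host[name];
    if (typeof v !== type) {
      throw new TypeError(name + ': expected ' + type + ', got ' + typeof v);
    }
    return v;
  };
}

// Summarise what guest code would receive from a getter.
function outcome(getter) {
  try {
    const v = getter();
    return (v !== null && typeof v === 'object') ? 'object:' + v.kind : String(v);
  } catch (e) { return 'refused'; }
}

// Constructed sample host node (not a real DOM object).
const powerful = { kind: 'powerful' };
grant(powerful, { kind: 'tame-powerful' });
const node = { title: 'hello', raw: { kind: 'host' }, leaked: powerful };

const results = {
  tamedTitle: outcome(roProperty(node, 'title')),                      // primitive passes
  tamedRaw: outcome(roProperty(node, 'raw')),                          // unknown object refused
  tamedLeaked: outcome(roProperty(node, 'leaked')),                    // granted object gets through
  strictLeaked: outcome(roPrimitiveProperty(node, 'leaked', 'string')) // type check stops it
};
```

In this model the membrane alone stops an untamed host object, but an object that was already granted still reaches the caller through a property meant to hold a string; only the type check closes that case.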
