Updates:
Status: Accepted
Comment #7 on issue 1962 by [email protected]: Cross-frame for-in is
broken on Firefox 37, 38 beta
https://code.google.com/p/google-caja/issues/detail?id=1962
From the discussion on the bugzilla bug thread, it looks likely that
Firefox's behavior is correct by ES6 and is simply the first browser to
implement the ES6 behavior here rather than the ES5 behavior. We need to
fix this on the Caja side. The easiest fix, if we decide it is safe, is to
whitelist cajaVM.anonIntrinsics.IteratorPrototype.next .
Does anyone see any problem whitelisting this? If you were going to look
for a possible exploit this enables, where would you look?
--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings
--
---
You received this message because you are subscribed to the Google Groups "Google Caja Discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
