You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cordova.apache.org by "Dave Charles Johnson (Created) (JIRA)" <ji...@apache.org> on 2011/11/25 21:53:40 UTC
[jira] [Created] (CB-23) Remove App.addWhiteListEntry() since it
allows runtime code to override build time settings
Remove App.addWhiteListEntry() since it allows runtime code to override build time settings
-------------------------------------------------------------------------------------------
Key: CB-23
URL: https://issues.apache.org/jira/browse/CB-23
Project: Apache Callback
Issue Type: Bug
Reporter: Dave Charles Johnson
This is probably a security problem since the whole idea of the whitelist is to prevent runtime code from accessing a domain unless it's in the whitelist.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (CB-23) Remove App.addWhiteListEntry() since it
allows runtime code to override build time settings
Posted by "Simon MacDonald (Resolved) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CB-23?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Simon MacDonald resolved CB-23.
-------------------------------
Resolution: Fixed
The code has been removed:
https://github.com/callback/callback-android/commit/e02322b66b7588e93433697493b1a4795e78227a
> Remove App.addWhiteListEntry() since it allows runtime code to override build time settings
> -------------------------------------------------------------------------------------------
>
> Key: CB-23
> URL: https://issues.apache.org/jira/browse/CB-23
> Project: Apache Callback
> Issue Type: Bug
> Components: Android
> Affects Versions: 1.1.0, 1.2.0
> Reporter: Dave Charles Johnson
> Assignee: Simon MacDonald
> Fix For: 1.3.0
>
>
> This is probably a security problem since the whole idea of the whitelist is to prevent runtime code from accessing a domain unless it's in the whitelist.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (CB-23) Remove App.addWhiteListEntry() since it
allows runtime code to override build time settings
Posted by "Shazron Abdullah (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CB-23?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Shazron Abdullah updated CB-23:
-------------------------------
Component/s: Android
> Remove App.addWhiteListEntry() since it allows runtime code to override build time settings
> -------------------------------------------------------------------------------------------
>
> Key: CB-23
> URL: https://issues.apache.org/jira/browse/CB-23
> Project: Apache Callback
> Issue Type: Bug
> Components: Android
> Reporter: Dave Charles Johnson
>
> This is probably a security problem since the whole idea of the whitelist is to prevent runtime code from accessing a domain unless it's in the whitelist.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (CB-23) Remove App.addWhiteListEntry() since it
allows runtime code to override build time settings
Posted by "Simon MacDonald (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CB-23?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Simon MacDonald updated CB-23:
------------------------------
Affects Version/s: 1.1.0
1.2.0
Fix Version/s: 1.3.0
Assignee: Simon MacDonald
> Remove App.addWhiteListEntry() since it allows runtime code to override build time settings
> -------------------------------------------------------------------------------------------
>
> Key: CB-23
> URL: https://issues.apache.org/jira/browse/CB-23
> Project: Apache Callback
> Issue Type: Bug
> Components: Android
> Affects Versions: 1.1.0, 1.2.0
> Reporter: Dave Charles Johnson
> Assignee: Simon MacDonald
> Fix For: 1.3.0
>
>
> This is probably a security problem since the whole idea of the whitelist is to prevent runtime code from accessing a domain unless it's in the whitelist.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira