Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Address "unsafe CPOW usage" warnings #2151

Closed
arantius opened this issue Apr 22, 2015 · 4 comments
Closed

Address "unsafe CPOW usage" warnings #2151

arantius opened this issue Apr 22, 2015 · 4 comments
Milestone
3.5

Comments

@arantius
Copy link
Collaborator

I'm seeing them now for:

Line 266 and 270 of browser.js, in:

function GM_showPopup(aEvent) {
  function urlsOfAllFrames(contentWindow) {
    var urls = [contentWindow.location.href];
    function collect(contentWindow) {
      urls = urls.concat(urlsOfAllFrames(contentWindow));
    }
    Array.prototype.slice.call(contentWindow.frames).forEach(collect);
    return urls;
  }

The var urls = ... and the Array.prototype.slice... lines. Line 17, 23, and 28 of windowId.js.

Maybe others I haven't noticed yet.
@arantius arantius modified the milestones: 3.2, 3.3 Apr 22, 2015
@janekptacijarabaci
Copy link
Contributor

Current:

cpow

@janekptacijarabaci
Copy link
Contributor

I've pushed a fix to the testing branch: master...janekptacijarabaci:_testBranch_unsafe_CPOW_usage

The suggestion (for example).
It is necessary to test all options!

The warning: Thus it will not work in Firefox 24- (e.g. PaleMoon)! This works in Firefox 25+

The new solution to the issue: #2282

@arantius arantius modified the milestone: 3.3 May 29, 2015
@arantius arantius modified the milestones: 3.4, 3.3 Jun 17, 2015
@arantius arantius modified the milestones: 3.5, 3.4 Jul 31, 2015
@janekptacijarabaci janekptacijarabaci mentioned this issue Aug 31, 2015
Closed
@janekptacijarabaci janekptacijarabaci mentioned this issue Sep 19, 2015
Merged
@arantius
Copy link
Collaborator Author

Merged by hand.

@arantius
Copy link
Collaborator Author

This should be in 3.5beta1; let me know what you think:
https://addons.mozilla.org/firefox/downloads/file/354560/greasemonkey-3.5beta1-fx.xpi?src=devhub

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
3.5
Development

No branches or pull requests
2 participants
@arantius @janekptacijarabaci