Skip to content

/ servo

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
38 Open 36 Closed
38 Open 36 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
Accepting self-signed SSL certs doesn't persist between sessions A-embedding A-network A-security I-papercut
#27269 opened Jul 14, 2020 by jdm
Revoked SSL cert doesn't trigger cert error page A-network A-security
#26835 opened Jun 9, 2020 by jdm
Implement SameSite cookies A-network A-security
#25600 opened Jan 25, 2020 by pshaughn
Fix UrlHelper::is_origin_trustworthy A-content/dom A-security C-assigned
#25387 opened Dec 24, 2019 by Darkspirit
2
Possible security issue when deleting databases for IndexedDB A-content/indexeddb A-security
#25320 opened Dec 17, 2019 by rasviitanen
Implement securitypolicyviolation events A-content/dom A-security
#25182 opened Dec 6, 2019 by pshaughn
Access-Control-Expose-Headers strings with strange characters can throw NetworkError or expose headers they shouldn't A-network A-security
#25179 opened Dec 6, 2019 by pshaughn
1
Setting a cookie from a sandboxed iframe isn't throwing an exception A-content/dom A-network A-security
#24970 opened Nov 30, 2019 by pshaughn
Javascript exception throws between different-origin scripts aren't being muted correctly A-content/dom A-content/script A-security
#24897 opened Nov 28, 2019 by pshaughn
8
Clean-up "new pipeline" flow in constellation - match with correct event-loop A-constellation A-security
#23885 opened Jul 29, 2019 by gterzian
2
Store a top-level origin in ScriptThread and forbid non-similar-origin page loads A-content/script A-security
#23782 opened Jul 16, 2019 by jdm
1
Spectre: the definitive guide A-security
#23674 opened Jul 1, 2019 by gterzian
1
Improve security of Navigation A-content/script A-security
#23373 opened May 13, 2019 by gterzian
3
Cross-origin redirection during initial page load messes up origin checks A-constellation A-content/script A-security
#23037 opened Mar 14, 2019 by jdm
2
Implement document origin, as separate from document Url A-content/dom A-security
#22879 opened Feb 13, 2019 by jdm
4
WebVR/XR security A-security A-webvr A-xr-zomg
#22755 opened Jan 24, 2019 by asajeffrey
@asajeffrey
1
Support cross-origin font loads A-platform/fonts A-security B-interesting-project
#22694 opened Jan 15, 2019 by jdm
Tracking protection A-security
#22404 opened Dec 10, 2018 by asajeffrey
Event loops/Message pumps security issues A-security
#21171 opened Jul 13, 2018 by gterzian
2
Process isolation metabug A-security B-meta
#20567 opened Apr 5, 2018 by asajeffrey 0 of 4
2
Introduce imprecision in timers for timing attack mitigation A-perf-measurement A-security
#20566 opened Apr 5, 2018 by avadacatavra
3
Support Feature-Policy A-security A-xr-spec-complete
#20286 opened Mar 13, 2018 by nox
@nox
3
the HSTS preload list includes entries that are not considered HSTS A-network A-security
#20113 opened Feb 24, 2018 by mozkeeler
2
Consider whether we should add deprecated ciphers to our list of accepted ciphers A-network A-security
#16357 opened Apr 11, 2017 by nox
create usable principal values for wrapper origin checks A-content/script A-security
#16243 opened Apr 3, 2017 by avadacatavra
@avadacatavra
1
ProTip! Type g i on any issue or pull request to go back to the issue listing page.
You can’t perform that action at this time.