You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
StrictMode is a developer tool which detects things you might be doing by accident and brings them to your attention so you can fix them. Currently, it's commented in WordPressDebug.
We had a security vulnerability (Slack ref: p1656678398776749-slack-CRA4UEQQ3) caused by unsafe intent launch which could be detected by StrictMode's detectUnsafeIntentLaunch().
In this issue, we need to
add detectUnsafeIntentLaunch() in StrictMode detections,
investigate other detections that might be beneficial,
check if enabling StrictMode have any significant drawback, if not, enable it for all debug builds,
enable StrictMode detections in automated tests of CI,
investigate other security tools. (If we can find good tools, we can use them in place of StrictMode or addition to StrictMode)
If these are a lot for a PR, multiple PRs can fix this issue.
The text was updated successfully, but these errors were encountered:
StrictMode is a developer tool which detects things you might be doing by accident and brings them to your attention so you can fix them. Currently, it's commented in WordPressDebug.
We had a security vulnerability (Slack ref: p1656678398776749-slack-CRA4UEQQ3) caused by unsafe intent launch which could be detected by StrictMode's
detectUnsafeIntentLaunch()
.In this issue, we need to
detectUnsafeIntentLaunch()
in StrictMode detections,If these are a lot for a PR, multiple PRs can fix this issue.
The text was updated successfully, but these errors were encountered: