Changes

Jump to: navigation, search

Add-ons/Reviewers/Guide/Reviewing

10 bytes removed, 16:39, 6 January 2016
Added on* event note
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | <code>eval</code> may sometimes be allowed when it is used carefully to patch Firefox functions with local code.
|- style="vertical-align: top;"
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Using <code>setTimeout()</code>, or <code>setInterval()</code>, or properties like <code>onclick</code> to evaluate JS code.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Add note
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | <code>setTimeout</code> and <code>setInterval</code> They may be used with hardcoded JS strings, but using closures is preferred. Only reject if it looks like remote code is being evaluated.
|- style="vertical-align: top;"
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Remote script injection.
Jorge.villalobos
Canmove, confirm
1,448
edits
Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/1111594"

Navigation menu