Status: New
Owner:
kpreid.switchb.org
Labels: Type-Defect Priority-Medium Component-Other Component-Taming
Security
New issue 1955 by erights: Fix remaining uses of
Object.prototype.toString.call as a brand test to do something else.
https://code.google.com/p/google-caja/issues/detail?id=1955
As of this writing, Object.prototype.toString.call(specimen) is still a
reliable brand test on all deployed browsers, but TC39 recently agreed on a
change so that it would no longer be.
Uses in SES fixed at r5708. Remaining uses at least in
cajaTamingGoogleLoader.js and taming-membrane.js, either of which may
actually be safe.
--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings