posted Jan 28, 2009 12:42 AM by Mark Larson
- [r8418] Fix pages failing to load with 'waiting for cache...' message. (Issue 4769)
- [r8443] Mitigate Adobe Reader Plugin Open Parameters Cross-Site Scripting Vulnerability (CVE-2007-0048, CVE-2007-0045) by blocking requests for javascript: URLs in NPN_GetURL* calls. (Internal issue 1543405)
- [r8445] Fix ability to send mail with Yahoo! Mail (Issue 1058, 5852)
- [r8429] Mark the SECOM Trust root certificates for EV (Issue 4985)
- [r8511] Fix to not download outdated SafeBrowsing lists (Issue 5597)
- [r8516] Fix some popups that were blocked even when the user requested them (Issue 6367)
- [r8522] Fix a timing issue that prevented Gears from starting properly sometimes (Issue 4219)
- [r8524] SECURITY: Fix bad same-origin check that could lead to one frame being able to read or write the location of other frames (Issue 6264)
- [r8529] Filter out Set-Cookie responses in XMLHttpRequest responses.
- [r8781] Add support for UA spoofing, and spoof Safari's UA string when loading URLs from *.mail.live.com (to fix hotmail). (Issue 4111)
|
|
