Last Update: 2015-08-23 17:20 Created at: 2015-08-23 12:56 RSS
on* attribute being set using setAttribute

Status
Priority
Milestone
Tags
No Tags

Warning: To prevent vulnerabilities, event handlers (like 'onclick' and 'onhover') should always be defined using addEventListener.

Severity for automated signing: medium

Suggestions for passing automated signing:

Please use addEventListener any place you might otherwise create event listener attributes. Event listener attributes will not be accepted in add-ons submitted for automated signing in any instance where they may be reasonably avoided.

content/addBookmarksOverlay.js

 47     newtree.setAttribute("rows","6");
 48     newtree.setAttribute("onselect","selectTreeFolder();");
 49     gBookmarksTree=tabpanels[0].appendChild(newtree);
 61     keywordTxt.setAttribute("id","keyword");
 62     keywordTxt.setAttribute("oninput","onFieldInput();");
 63     gKeyword.parentNode.replaceChild(keywordTxt,gKeyword);
 66     var main=document.getElementById("addBookmarkDialog");
 67     main.setAttribute('ondialogaccept','return doOKSwitch(event);');
 68

content/gmarks.js

320     var addbkmk = document.getElementById("Browser:AddBookmarkAs");
321     addbkmk.setAttribute("oncommand","GM.addGMark()");
322   }
376         ele.setAttribute("id","gmarks_menu_"+id);
377         ele.setAttribute("oncommand","GM.addGMark();");
378         break;
381         ele.setAttribute("id","gmarks_menu_"+id);
382         ele.setAttribute("oncommand","GM.addGMarks();");
383         break;
386         ele.setAttribute("id","gmarks_menu_"+id);
387         ele.setAttribute("oncommand","GM.removeGMark();");
388         break;
391         ele.setAttribute("id","gmarks_menu_"+id);
392         ele.setAttribute("oncommand","GM.organizeGMarks();");
393         break;
396         ele.setAttribute("id","gmarks_menu_"+id);
397         ele.setAttribute("oncommand","GM.manageOnline();");
398         break;
401         ele.setAttribute("id","gmarks_menu_"+id);
402         ele.setAttribute("oncommand","GM.openOptions();");
403         break;
406         ele.setAttribute("id","gmarks_menu_"+id);
407         ele.setAttribute("oncommand","GM.editFilters();");
408         break;
411         ele.setAttribute("id","gmarks_menu_"+id);
412         ele.setAttribute("oncommand","GMS.getBookmarksFeed('onrefresh',true);");
413         break;
464           ele.setAttribute("id","gmarks_menu_signin");
465           ele.setAttribute("oncommand","GM.signIn();");
466         }

content/addeditbookmark.js

306     vbox.appendChild(mainlbl);
307     vbox.setAttribute("onclick",'lblComplete("'+matched[i]+'");');
308     vbox.setAttribute("onmouseover",'onMouseOver('+i+');');
309     if (i==0)

content/quicksearch.js

142         //vbox.setAttribute("oncommand",'openBookmark("'+results[i].url+'",event);');
143         vbox.setAttribute("onclick",'if (event.button!=2) openBookmark("'+results[i].url+'",event);');
144         vbox.setAttribute("onmouseover",'onMouseOver('+i+');');
145         vbox.setAttribute('value',i);

2015-08-23
17:20 The body has been updated (shitamo)
Warning: To prevent vulnerabilities, event handlers (like 'onclick' and 'onhover') should always be defined using addEventListener. Severity for automated signing: medium Suggestions for passing automated signing: Please use addEventListener any place you
13:24 The body has been updated (shitamo)
Warning: To prevent vulnerabilities, event handlers (like 'onclick' and 'onhover') should always be defined using addEventListener. Severity for automated signing: medium Suggestions for passing automated signing: Please use addEventListener any place you
13:16 The body has been updated (shitamo)
Warning: To prevent vulnerabilities, event handlers (like 'onclick' and 'onhover') should always be defined using addEventListener. Severity for automated signing: medium Suggestions for passing automated signing: Please use addEventListener any place you
12:56 Create New Ticket(#50520): on* attribute being set using setAttribute (shitamo)