View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0005041 | Taler | wallet (WebExtension) | public | 2017-05-29 13:34 | 2017-06-06 14:18 |
| Reporter | Florian Dold | Assigned To | Florian Dold | ||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | ||
| Product Version | git (master) | ||||
| Target Version | 0.3 | Fixed in Version | 0.3 | ||
| Summary | 0005041: do not allow the merchant to directly send proposal to wallet, which could circumvent nonce check | ||||
| Description | The API offered by the content script of the wallet should only accept URLs and not proposal objects. This also simplifies the code. | ||||
| Tags | No tags attached. | ||||
| related to | 0005040 | closed | Florian Dold | use wallet api lib instead of duplicated helpers in content script, since dead code elimination is available now |
|
|
Fixed around 613a14c14. The wallet API offered to normal pages can't directly give a contract to the wallet anymore. The wallet will always do the fetching and nonce checking. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2017-05-29 13:34 | Florian Dold | New Issue | |
| 2017-05-29 13:34 | Florian Dold | Status | new => assigned |
| 2017-05-29 13:34 | Florian Dold | Assigned To | => Florian Dold |
| 2017-05-29 13:34 | Florian Dold | Relationship added | related to 0005040 |
| 2017-05-31 17:11 | Florian Dold | Status | assigned => resolved |
| 2017-05-31 17:11 | Florian Dold | Resolution | open => fixed |
| 2017-05-31 17:11 | Florian Dold | Note Added: 0012199 | |
| 2017-06-02 09:35 | Christian Grothoff | Product Version | => git (master) |
| 2017-06-02 09:35 | Christian Grothoff | Fixed in Version | => 0.3 |
| 2017-06-02 09:35 | Christian Grothoff | Target Version | => 0.3 |
| 2017-06-06 14:18 | Christian Grothoff | Status | resolved => closed |
| 2023-04-13 20:37 | Florian Dold | Category | wallet (WebExtensions) => wallet (WebExtension) |
