At least it sounds like this vulnerability has an easily-deployable fix.
One of the reasons Mozilla folks have opposed standardizing particular libraries as part of the Web platform is the risk that a security vulnerability might not be fixable without breaking compatibility.
This tweet is unavailable
2
20
1
35
Some history of comments on Web SQL:
lists.w3.org/Archives/Public…
lists.w3.org/Archives/Public…
lists.w3.org/Archives/Public…
lists.w3.org/Archives/Public…
1
2
5
Unfortunately, the browser engine that had the strongest position on not standardizing on libraries was EdgeHTML, and with its demise, I think the Web is stuck with only one implementation of some key pieces (e.g. ECMAScript Internationalization API, parts of the WebRTC stack).
Dec 15, 2018 · 1:10 AM UTC
2
3
1
10


