Warnings in AMO #2
Description
on* attribute being set using setAttribute
Avertissement: To prevent vulnerabilities, event handlers (like 'onclick' and 'onhover') should always be defined using addEventListener.
chrome/content/eotoolbar.js
var info = document.getElementById('eotoolbar-inforss');
info.setAttribute("oncommand",
"gBrowser.selectedBrowser.loadURI('"+link.textContent+"');");