{
	"id": "61668",
	"key": "TIMOB-1036",
	"fields": {
		"issuetype": {
			"id": "1",
			"description": "A problem which impairs or prevents the functions of the product.",
			"name": "Bug",
			"subtask": false
		},
		"project": {
			"id": "10153",
			"key": "TIMOB",
			"name": "Titanium SDK/CLI",
			"projectCategory": {
				"id": "10100",
				"description": "Titanium and related SDKs used in application development",
				"name": "Client"
			}
		},
		"fixVersions": [
			{
				"id": "11234",
				"name": "Release 1.6.0 M01",
				"archived": true,
				"released": true,
				"releaseDate": "2010-12-20"
			}
		],
		"resolution": {
			"id": "1",
			"description": "A fix for this issue is checked into the tree and tested.",
			"name": "Fixed"
		},
		"resolutiondate": "2011-04-17T01:55:01.000+0000",
		"created": "2011-04-15T02:42:03.000+0000",
		"priority": {
			"name": "Medium",
			"id": "3"
		},
		"labels": [
			"android",
			"defect",
			"release-1.6.0",
			"security"
		],
		"versions": [],
		"issuelinks": [],
		"assignee": {
			"name": "mculpepper",
			"key": "mculpepper",
			"displayName": "Marshall Culpepper",
			"active": true,
			"timeZone": "America/Los_Angeles"
		},
		"updated": "2011-04-17T01:55:01.000+0000",
		"status": {
			"description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.",
			"name": "Closed",
			"id": "6",
			"statusCategory": {
				"id": 3,
				"key": "done",
				"colorName": "green",
				"name": "Done"
			}
		},
		"components": [
			{
				"id": "10202",
				"name": "Android",
				"description": "Android Platform"
			}
		],
		"description": "{html}<div><p>This is a security issue. Titanium APIs should only be allowed\nfor local urls</p></div>{html}",
		"attachment": [],
		"flagged": false,
		"summary": "Android: WebView Exposes Ti Methods with Remote URL",
		"creator": {
			"name": "dthorp",
			"key": "dthorp",
			"displayName": "Don Thorp",
			"active": true,
			"timeZone": "America/Los_Angeles"
		},
		"subtasks": [],
		"reporter": {
			"name": "dthorp",
			"key": "dthorp",
			"displayName": "Don Thorp",
			"active": true,
			"timeZone": "America/Los_Angeles"
		},
		"environment": null,
		"comment": {
			"comments": [
				{
					"id": "124617",
					"author": {
						"name": "billdawson",
						"key": "billdawson",
						"displayName": "Bill Dawson",
						"active": true,
						"timeZone": "Europe/Berlin"
					},
					"body": "{html}<div><p>(from <a href=\n\"/projects/32238/changesets/12d7bf6a90db72fa0aebe538c95128c8a0cdc625\"\ntitle=\n\"Changeset [12d7bf6a90db72fa0aebe538c95128c8a0cdc625]\">[12d7bf6a90db72fa0aebe538c95128c8a0cdc625]</a>)\nInject our Ti JS and JSON near beginning of local (and ONLY local)\nhtml file contents or html set directly via the html property.\n[<a href=\"/projects/32238/tickets/2153\" title=\n\"Ticket #2153\">#2153</a> state:fixed-in-qa][<a href=\n\"/projects/32238/tickets/2514\" title=\"Ticket #2514\">#2514</a>\nstate:fixed-in-qa][<a href=\"/projects/32238/tickets/1635\" title=\n\"Ticket #1635\">#1635</a> state:fixed-in-qa][<a href=\n\"/projects/32238/tickets/1036\" title=\"Ticket #1036\">#1036</a>\nstate:fixed-in-qa] <a href=\n\"https://github.com/appcelerator/titanium_mobile/commit/12d7bf6a90db72fa0aebe538c95128c8a0cdc625\">\nhttps://github.com/appcelerator/titanium_mobile/commit/12d7bf6a90db...</a></p></div>{html}",
					"updateAuthor": {
						"name": "billdawson",
						"key": "billdawson",
						"displayName": "Bill Dawson",
						"active": true,
						"timeZone": "Europe/Berlin"
					},
					"created": "2011-04-15T02:42:03.000+0000",
					"updated": "2011-04-15T02:42:03.000+0000"
				},
				{
					"id": "124618",
					"author": {
						"name": "billdawson",
						"key": "billdawson",
						"displayName": "Bill Dawson",
						"active": true,
						"timeZone": "Europe/Berlin"
					},
					"body": "{html}<div><p>reopening for test case</p></div>{html}",
					"updateAuthor": {
						"name": "billdawson",
						"key": "billdawson",
						"displayName": "Bill Dawson",
						"active": true,
						"timeZone": "Europe/Berlin"
					},
					"created": "2011-04-15T02:42:04.000+0000",
					"updated": "2011-04-15T02:42:04.000+0000"
				},
				{
					"id": "124619",
					"author": {
						"name": "billdawson",
						"key": "billdawson",
						"displayName": "Bill Dawson",
						"active": true,
						"timeZone": "Europe/Berlin"
					},
					"body": "{html}<div><p>QA to test this, put this code in for a window JS:</p>\n<pre>\n<code class=\"javascript\">var win = Ti.UI.currentWindow;\nvar wv = Ti.UI.createWebView({url: 'http://www.google.com'});\nwv.addEventListener('load', function(e) {\n    alert(wv.evalJS('Titanium'));\n});\nwin.add(wv);</code>\n</pre>\n<p>You should get an empty alert, because Titanium should not be\navailable if you've browed to an external site such as google in\nthis example.</p>\n<p>Note: if you try to test the fail case, be sure to try a version\nof the sdk from before 12/13/2010, otherwise <a href=\n\"/projects/32238/tickets/2583\" title=\"Ticket #2583\">#2583</a> will\nhappen to you and you'll get a lockup.</p></div>{html}",
					"updateAuthor": {
						"name": "billdawson",
						"key": "billdawson",
						"displayName": "Bill Dawson",
						"active": true,
						"timeZone": "Europe/Berlin"
					},
					"created": "2011-04-15T02:42:04.000+0000",
					"updated": "2011-04-15T02:42:04.000+0000"
				},
				{
					"id": "124620",
					"author": {
						"name": "billdawson",
						"key": "billdawson",
						"displayName": "Bill Dawson",
						"active": true,
						"timeZone": "Europe/Berlin"
					},
					"body": "{html}<div><p>(from <a href=\n\"/projects/32238/changesets/a15892512a6eb0f7605a3a98615513e3f554ebde\"\ntitle=\n\"Changeset [a15892512a6eb0f7605a3a98615513e3f554ebde]\">[a15892512a6eb0f7605a3a98615513e3f554ebde]</a>)\n[<a href=\"/projects/32238/tickets/1036\" title=\n\"Ticket #1036\">#1036</a> state:fixed-in-qa] Drillbit test to be\nsure Ti/Titanium <em>not</em> available in external web sites\n<a href=\n\"https://github.com/appcelerator/titanium_mobile/commit/a15892512a6eb0f7605a3a98615513e3f554ebde\">\nhttps://github.com/appcelerator/titanium_mobile/commit/a15892512a6e...</a></p></div>{html}",
					"updateAuthor": {
						"name": "billdawson",
						"key": "billdawson",
						"displayName": "Bill Dawson",
						"active": true,
						"timeZone": "Europe/Berlin"
					},
					"created": "2011-04-15T02:42:04.000+0000",
					"updated": "2011-04-15T02:42:04.000+0000"
				},
				{
					"id": "124621",
					"author": {
						"name": "thomashuelbert",
						"key": "thomashuelbert",
						"displayName": "Thomas Huelbert",
						"active": true,
						"timeZone": "America/Los_Angeles"
					},
					"body": "{html}<div><p>2.2.1 (G2), 1.6 (G1) Titanium SDK version: 1.6.0 (01/04/11 08:01\ne49700d)</p></div>{html}",
					"updateAuthor": {
						"name": "thomashuelbert",
						"key": "thomashuelbert",
						"displayName": "Thomas Huelbert",
						"active": true,
						"timeZone": "America/Los_Angeles"
					},
					"created": "2011-04-15T02:42:05.000+0000",
					"updated": "2011-04-15T02:42:05.000+0000"
				}
			],
			"maxResults": 5,
			"total": 5,
			"startAt": 0
		}
	}
}