Exposed chrome:// resources can leak point releases, confirmed can leak app language

The default permissions defined in the chrome.manifest file allow specific paths to be called from any web page. For example, chrome://browser/content/* or chrome://global/content/*.

For references see https://bugzilla.mozilla.org/show_bug.cgi?id=1534581

Trac:
Username: flngerprlnt

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information