Open
Bug 1295777
Opened 8 years ago
Updated 7 months ago
Align nsMixedContentBlocker with Mixed Content Blocker spec
Categories
(Core :: DOM: Security, defect, P3)
Core
DOM: Security
Tracking
()
NEW
People
(Reporter: tanvi, Unassigned)
References
(Depends on 1 open bug, Blocks 1 open bug)
Details
(Whiteboard: [domsecurity-backlog1])
When nsMixedContentBlocker was written in 2013, there was no mixed content blocking spec. Now there is, which is great! But our implementation isn't completely spec compatible. For example, we don't use isOriginPotentiallyTrustworthy from the Secure Context spec. We need to identify the gaps here and fix them (either all in one bug or multiple sub-bugs). Editors draft: https://w3c.github.io/webappsec-mixed-content/ Latest published: https://www.w3.org/TR/mixed-content/
|
||
Updated•8 years ago
|
Blocks: MixedContentBlocker
|
|
||
Updated•8 years ago
|
Priority: -- → P3
Whiteboard: [domsecurity-backlog1]
|
Reporter | |
Comment 1•7 years ago
|
||
https://w3c.github.io/webappsec-mixed-content/#a-priori-authenticated-url
|
||
Updated•7 years ago
|
Assignee: nobody → kmckinley
|
|
||
Updated•6 years ago
|
Assignee: kate+bugzilla → nobody
|
||
Updated•2 years ago
|
Severity: normal → S3
|
||
Updated•7 months ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•