Closed Bug 1315427 Opened 8 years ago Closed 8 years ago

Content security policy should not be applied to SVG when it is loaded as image

Tracking

()

Status:

RESOLVED DUPLICATE of bug 1262842

Tracking Flags:

Tracking

Status

firefox52

---

affected

People

(Reporter: xidorn, Unassigned)

Details

Xidorn Quan [:xidorn] UTC+11

Reporter

Description

•

8 years ago

It is common to use SVG with inline style. And when SVG is used as image, e.g. from CSS or <img> tag, no content security policy should be applied to it, according to Content Security Policy Leve 2.

However, currently Firefox applies the policy, which affects the rendering of SVG image when CSP is activated.

Chrome doesn't have this issue.

Robert Longson [:longsonr]

Updated

•

8 years ago

Status: NEW → RESOLVED

Closed: 8 years ago

Resolution: --- → DUPLICATE

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Content security policy should not be applied to SVG when it is loaded as image

Categories

(Core :: Security, defect)

Tracking

()

People

(Reporter: xidorn, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated