Closed Bug 1330920 Opened 7 years ago Closed 7 years ago

increase test coverage for sandboxed iframe srcdoc inheriting CSP

Categories

(Core :: DOM: Security, defect, P3)

defect

Tracking

()

RESOLVED DUPLICATE of bug 1073952

People

(Reporter: freddy, Assigned: freddy)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-backlog1])

This is a follow up of bug 1073952 to test nested iframes. Specifically, this is an update of ckerschb's original patch at https://bugzilla.mozilla.org/page.cgi?id=splinter.html&bug=1073952&attachment=8748864
Blocks: csp-w3c-3
Priority: -- → P3
Whiteboard: [domsecurity-backlog1]
copying bug 1073952 comment 27

(In reply to Christoph Kerschbaumer [:ckerschb] from comment #16)
> about:srcdoc. And probably we should only do that for TYPE_SUBDOCUMENT, right?

What about TYPE_DOCUMENT that has a CSP sandbox attribute? Do we have "self" tests for those?

What if the TYPE_DOCUMENT was opened sandboxed from a sandboxed about:srcdoc frame? What if that document is a data: document which inherits the about:srcdoc URL?
Merging the bugs again. See https://bugzilla.mozilla.org/show_bug.cgi?id=1073952#c30
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.