Closed
Bug 760483
Opened 12 years ago
Closed 12 years ago
[mozillians] CSP Violation: data:image/gif; base64
Categories
(Participation Infrastructure :: Phonebook, defect)
Participation Infrastructure
Phonebook
Tracking
(Not tracked)
VERIFIED
WONTFIX
2012-06-13
People
(Reporter: mbrandt, Assigned: jsocol)
Details
[mozillians] CSP Violation: data:image/gif; base64,R0lGODlhEAAQAIQfAAFYsQJkw15iWgRz3AeN0Xl8c2mBiQma5B6W1h+b3yqh4BKp+kWk0pudlDC2/0y79X+4z1fC/7q6r3DK/4rN7a3Kz8fKwc/Uyr3c5N7dzuTi1Ofl1enm2O3r3/b06////yH+EUNyZWF0ZWQgd2l0aCBHSU1QACH5BAEKAB8ALAAAAAAQABAAAAWf4OeNXmdyX6qKpNSc25p6TVEIgl1osljntxxPNrIILhrDZBl5OBaLj6mTa1CWk+YTOpXgsBEM5gFdmDLBiJrC2VCgB85lYJFcmg+MPAPnDP4aGg4ODxsVFBkPBwd/jRuDFBoQDxkVix+NHwBQSBmeFwoEHwEDAQEAAJQVDAwQFxCipqeoABkMiwcWFqKjpqgEBLjAwDIAHwoJyQkIzB8hADs=: img-src https://mozillians.org:443 http://statse.webtrendslive.com:80 https://statse.webtrendslive.com:443 http://www.gravatar.com:80 https://secure.gravatar.com:443 Content Security Policy Violation Report Request: GET https://mozillians.org/en-US/?next=/en-US/group/11058-automation-development HTTP/1.1 Blocked URI: data:image/gif;base64,R0lGODlhEAAQAIQfAAFYsQJkw15iWgRz3AeN0Xl8c2mBiQma5B6W1h+b3yqh4BKp+kWk0pudlDC2/0y79X+4z1fC/7q6r3DK/4rN7a3Kz8fKwc/Uyr3c5N7dzuTi1Ofl1enm2O3r3/b06////yH+EUNyZWF0ZWQgd2l0aCBHSU1QACH5BAEKAB8ALAAAAAAQABAAAAWf4OeNXmdyX6qKpNSc25p6TVEIgl1osljntxxPNrIILhrDZBl5OBaLj6mTa1CWk+YTOpXgsBEM5gFdmDLBiJrC2VCgB85lYJFcmg+MPAPnDP4aGg4ODxsVFBkPBwd/jRuDFBoQDxkVix+NHwBQSBmeFwoEHwEDAQEAAJQVDAwQFxCipqeoABkMiwcWFqKjpqgEBLjAwDIAHwoJyQkIzB8hADs= Violation: img-src https://mozillians.org:443 http://statse.webtrendslive.com:80 https://statse.webtrendslive.com:443 http://www.gravatar.com:80 https://secure.gravatar.com:443 Request Headers:
Assignee | ||
Comment 1•12 years ago
|
||
Need to add "data:" to the img-src list. BUT, I don't see 'data:' anywhere in the source of the page. I wonder, again, if this is an add-on? If you decode the image, it looks like some sort of translation icon. My guess is an add-on is inserting it into the page. This is something we might want to send along to Sid (thus: cced).
Assignee: nobody → james
Target Milestone: --- → 2012-06-13
Assignee | ||
Comment 2•12 years ago
|
||
For the record, I'm disinclined to fix. We don't use data: URIs for images, afaik, anywhere in Mozillians, except the opensearch plugin.
Assignee | ||
Comment 3•12 years ago
|
||
Per comment 2, and no one has disagreed. => WONTFIX.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → WONTFIX
Reporter | ||
Comment 4•12 years ago
|
||
James, thanks for following up and marking wontfix. I agree and am bumping to verified.
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•