Closed Bug 1063021 Opened 10 years ago Closed 8 years ago

CSP: Log parser errors when pref 'security.csp.debug' is on

Categories

(Core :: DOM: Security, enhancement, P3)

enhancement

Tracking

()

RESOLVED FIXED

People

(Reporter: ckerschb, Assigned: freddy)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 file)

In the old CSP (JavaSciprt) implementation we used the the pref security.csp.debug to log warnings when parsing failed. We should re-introduce that pref in the new parser (nsCSPParser.cpp). Probably also in CSPUtils, CSPContext.
Blocks: CSP
Severity: normal → enhancement
Priority: -- → P4
Assignee: nobody → francois
Francois, we are triaging at the moment, any progress on this one?
Flags: needinfo?(francois)
Priority: P4 → P3
No progress. I haven't looked at this yet, so I'll unassign myself in case someone else wants to take it on.
Assignee: francois → nobody
Flags: needinfo?(francois)
Not sure if we still want to bring that option back. Debugging CSP has worked fine without using that option. If we decide not to bring it back we should remove the flag here:
http://mxr.mozilla.org/mozilla-central/source/modules/libpref/init/all.js#2015
Whiteboard: [domsecurity-backlog]
This seems simple enough for me to take, but needs advise:
Implement logging (I assume CSP isn't becoming less complex) or remove the pref.
I'd weakly suggest the former.
(In reply to Frederik Braun [:freddyb] from comment #4)
> This seems simple enough for me to take, but needs advise:
> Implement logging (I assume CSP isn't becoming less complex) or remove the
> pref.
> I'd weakly suggest the former.

Yeah, would be nice to have some logging - go for it, thanks!
Assignee: nobody → fbraun
Status: NEW → ASSIGNED
Whiteboard: [domsecurity-backlog] → [domsecurity-active]
Looking at https://dxr.mozilla.org/mozilla-central/search?q=logWarningErrorToConsole&redirect=false&case=false we seem to have extensive logging for most error cases that developers might run into. We agreed out-of-band that removing is fine.
Attachment #8740953 - Flags: review?(ckerschb) → review+
Comment on attachment 8740953 [details]
MozReview Request: Bug 1063021 - Remove security.csp.debug pref r?ckerschb

https://reviewboard.mozilla.org/r/46097/#review42587

r=me
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.