Closed
Bug 1205448
Opened 9 years ago
Closed 9 years ago
Ship subresource integrity enabled by default
Categories
(Core :: DOM: Security, defect)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
mozilla43
People
(Reporter: francois, Assigned: francois)
References
()
Details
(Keywords: dev-doc-complete)
Attachments
(1 file)
|
Assignee | |
Updated•9 years ago
|
|
|
Assignee | |
Comment 1•9 years ago
|
||
Bug 1205448 - Ship subresource integrity enabled by default. r?ckerschb
Attachment #8662097 -
Flags: review?(mozilla)
|
||
Updated•9 years ago
|
Attachment #8662097 -
Flags: review?(mozilla) → review+
|
|
||
Comment 2•9 years ago
|
||
Comment on attachment 8662097 [details] MozReview Request: Bug 1205448 - Ship subresource integrity enabled by default. r=ckerschb https://reviewboard.mozilla.org/r/19499/#review17475 ::: modules/libpref/init/all.js:1967 (Diff revision 1) > -pref("security.sri.enable", false); > +pref("security.sri.enable", true); Hurray - looks good to me!
|
|
Assignee | |
Comment 3•9 years ago
|
||
Release Note Request (optional, but appreciated) [Why is this notable]: New web platform feature for developers [Suggested wording]: Support for subresource integrity [Links (documentation, blog post, etc)]: https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity Note: this has not yet landed, but it should land today or tomorrow.
relnote-firefox:
--- → ?
|
|
Assignee | |
Comment 4•9 years ago
|
||
Comment on attachment 8662097 [details] MozReview Request: Bug 1205448 - Ship subresource integrity enabled by default. r=ckerschb Bug 1205448 - Ship subresource integrity enabled by default. r=ckerschb
Attachment #8662097 -
Attachment description: MozReview Request: Bug 1205448 - Ship subresource integrity enabled by default. r?ckerschb → MozReview Request: Bug 1205448 - Ship subresource integrity enabled by default. r=ckerschb
|
|
||
Comment 5•9 years ago
|
||
https://reviewboard.mozilla.org/r/19499/#review17627 ::: testing/web-platform/meta/subresource-integrity/subresource-integrity.html.ini:2 (Diff revision 2) > type: testharness sweet - fixing web platform tests!
|
||
Comment 7•9 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/5ff4c724c6b7
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
status-firefox43:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla43
|
||
Comment 8•9 years ago
|
||
Added to release notes with this wording and the link to MDN: Subresource integrity allows developers to make their sites more secure
|
||
Updated•9 years ago
|
Keywords: dev-doc-needed
|
|
Assignee | |
Comment 9•9 years ago
|
||
Jean-Yves: there's https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity on MDN and I filed bug 1206220 with some comments.
|
|
||
Comment 10•9 years ago
|
||
Yep, it will be to update the compat data on this page when it is enabled by default.
|
|
||
Comment 11•9 years ago
|
||
I double checked the release version indicated in the different doc pages and it is the correct one :-)
Keywords: dev-doc-needed → dev-doc-complete
|
|
||
Comment 12•9 years ago
|
||
I noted this a while back for 43, but also now have a note for bug 992096. Are these really the same thing?
Flags: needinfo?(francois)
|
|
Assignee | |
Comment 13•9 years ago
|
||
> I noted this a while back for 43, but also now have a note for bug 992096. Are these really the same thing? Yes, they're the same thing. bug 992096 was to implement it pref'ed OFF and this bug was to pref it ON by default. Both landed in 43.
Flags: needinfo?(francois)
You need to log in
before you can comment on or make changes to this bug.
Description
•