CSP frame-ancestors allows pages to decide who they get framed by. (basically the same effect as x-frame-options-allow). On b2g we dont have the rigth error page, and when CSP blocks the page, its just a generic network error. I'll attach screenshots to show the different between desktop and b2g.
cspUXerror.png shows how on b2g we dont show a CSP warning, we just say it a was a network error.
(PS this doesn't need to block 2.5)
PPS you can test with http://praw.nz/frame.html
Paul, B2G specific bug, can we close or reclassify?
Realistically no-one is working on this any more. I think we can close this and roll this into the general task of improving warning pages on FxOS.
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Component: DOM: Security → General
Product: Core → Firefox OS
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.