Closed Bug 1217236 Opened 4 years ago Closed 4 years ago
Tracking protection: Resources on blocklist not blocked when accessed via Flash movies
A SWF that loads a resource that is on our Tracking Protection blocklist is currently able to do so. This is wrong. This issue may affect the NPAPI in general. Note: Please contact me for bug files. Reproducing this requires a custom blocklist, an emulated local shavar server and a custom Flash movie. I'm happy to stage something when we get around to looking at it.
This SWF loads the blocked URL "http://www.adjuggler.com/images/logo-ad-juggler.png": http://people.mozilla.org/~mwobensmith/tracking_protection/flash.html
Attachment #8696304 - Flags: review?(gpascutto) → review+
Looks to be fixed in latest Nightly 45, but the shield icon does not appear, despite having a blocked resource. Are we tracking that in another bug, or should I file a new one?
You're right, it also looks like the devtool console message isn't there. This needs a new bug.
Marking verified, and filed new bug 1232487 to track the lack of shield icon and console message.
You need to log in before you can comment on or make changes to this bug.