Closed
Bug 1226437
Opened 9 years ago
Closed 9 years ago
Meta CSP should not overwrite referrer policy when speculatively applied
Categories
(Core :: DOM: Security, defect)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
mozilla45
Tracking | Status | |
---|---|---|
firefox45 | --- | fixed |
People
(Reporter: ckerschb, Assigned: ckerschb)
References
Details
Attachments
(1 file, 1 obsolete file)
3.11 KB,
patch
|
ckerschb
:
review+
|
Details | Diff | Splinter Review |
No description provided.
Assignee | ||
Updated•9 years ago
|
We should treat referrer policies found in a <meta csp> the same way as we treat <meta referrer>. There's a bunch of code in place to handle that which makes sure that we never use a resource fetched with the wrong referrer.
...so it'd be nice to leverage that existing code.
Assignee | ||
Comment 3•9 years ago
|
||
Jonas, as discussed over IRC speculate meta csp should only set speculative referrer policy and not the *actual* referrer policy.
Attachment #8689848 -
Flags: review?(jonas)
Comment on attachment 8689848 [details] [diff] [review]
bug_1226437_meta_csp_referrer_regression.patch
Review of attachment 8689848 [details] [diff] [review]:
-----------------------------------------------------------------
::: parser/html/nsHtml5TreeOpExecutor.cpp
@@ +1022,5 @@
> +{
> + // Record "speculated" referrer policy locally and thread through the
> + // speculation phase. The actual referrer policy will be set by
> + // HTMLMetaElement::BindToTree().
> + mSpeculationReferrerPolicy = aReferrerPolicy;
Don't move this function. It'll just make hg-history messier.
Attachment #8689848 -
Flags: review?(jonas) → review+
Assignee | ||
Comment 5•9 years ago
|
||
Attachment #8689848 -
Attachment is obsolete: true
Attachment #8690157 -
Flags: review+
Assignee | ||
Updated•9 years ago
|
Keywords: checkin-needed
Keywords: checkin-needed
Comment 7•9 years ago
|
||
bugherder |
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
status-firefox45:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla45
You need to log in
before you can comment on or make changes to this bug.
Description
•