Skip Security checks if triggeringPrincipal is SystemPrincipal only for subresource loads

RESOLVED FIXED in Firefox 48

Status

()

Core
DOM: Security
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: ckerschb, Assigned: ckerschb)

Tracking

unspecified
mozilla48
Points:
---

Firefox Tracking Flags

(firefox48 fixed)

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 attachment, 1 obsolete attachment)

Comment hidden (empty)
(Assignee)

Updated

2 years ago
Blocks: 1232903
(Assignee)

Updated

2 years ago
No longer blocks: 1232903
Depends on: 1232903
(Assignee)

Comment 1

2 years ago
Created attachment 8731866 [details] [diff] [review]
bug_1257650_skip_security_checks_subresource_loads_only.patch
Attachment #8731866 - Flags: review?(jonas)
(Assignee)

Updated

2 years ago
Assignee: nobody → mozilla
Status: NEW → ASSIGNED
Comment on attachment 8731866 [details] [diff] [review]
bug_1257650_skip_security_checks_subresource_loads_only.patch

Review of attachment 8731866 [details] [diff] [review]:
-----------------------------------------------------------------

This looks good, but can we also fix the problem with CORS loads?
(Assignee)

Comment 3

2 years ago
Created attachment 8732432 [details] [diff] [review]
bug_1257650_skip_security_checks_subresource_loads_only.patch

(In reply to Jonas Sicking (:sicking) from comment #2)
> This looks good, but can we also fix the problem with CORS loads?

I think that should do what we want here.
Attachment #8731866 - Attachment is obsolete: true
Attachment #8731866 - Flags: review?(jonas)
Attachment #8732432 - Flags: review?(jonas)
(Assignee)

Updated

2 years ago
Whiteboard: [domsecurity-active]
(Assignee)

Updated

2 years ago
Keywords: checkin-needed

Comment 5

2 years ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/116e62eb5e97
Status: ASSIGNED → RESOLVED
Last Resolved: 2 years ago
status-firefox48: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla48
You need to log in before you can comment on or make changes to this bug.