Open Bug 1269050 Opened 8 years ago Updated 2 years ago

Make the "is Secure Context" code more robust by using HTTPS state

Categories

(Core :: Security, defect)

defect

Tracking

()

People

(Reporter: jwatt, Unassigned)

References

(Depends on 1 open bug)

Details

Spinning this off from bug 1162772. In that bug we landed an implementation of Window.isSecureContext that is a reasonable approximation of how Window.isSecureContext should behave, but which is overly conservative in some cases. Once bug 1220687 is fixed we should start using HTTPS state in the nsGlobalWindow::ComputeIsSecureContext so that our Window.isSecureContext implementation is more robust and accurate.
De-assigning since it seems unlikely I'll be working on this any time soon.
Assignee: jwatt → nobody

See bug 1220687 comment 57, this might be unneeded at this point.

Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.