Closed Bug 1273430 Opened 4 years ago Closed 4 years ago
Write testcase for CSP upgrade-insecure-requests including doc
After the W3C f2f we figured it might be nice to have a testcase for the following scenario: * A toplevel https page ship with a CSP upgrade-insecure-requests * includes an http iframe which gets upgraded to load over https * that iframe performs a doc.write(iframe) with an *http* URL * make sure that the innermost iframe gets upgraded to use https.
Assignee: nobody → ckerschb
Status: NEW → ASSIGNED
Whiteboard: [domsecurity-backlog] → [domsecurity-active]
Hey Tanvi, this works as expected, but it's nice to have a testcase so we never regress that.
Attachment #8769713 - Flags: review?(tanvi)
Pushed by firstname.lastname@example.org: https://hg.mozilla.org/integration/mozilla-inbound/rev/90f9475f9746 Test CSP upgrade-insecure-requests for doc.write(iframe). r=tanvi
You need to log in before you can comment on or make changes to this bug.