about:neterror is not considered a secure page and can be mixed content blocked

RESOLVED DUPLICATE of bug 1293476

Status

()

RESOLVED DUPLICATE of bug 1293476
2 years ago
2 years ago

People

(Reporter: bkelly, Unassigned)

Tracking

(Blocks: 1 bug)

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

Created attachment 8777082 [details]
Screenshot 2016-08-02 16.58.52.png

While investigating bug 1290116 I discovered that we can block our own about:neterror page as insecure mixed content.  (See the attached screenshot.)

It seems like we should perhaps treat about:neterror as a secure origin or at least exempt it from mixed content blocking.

Tanvi, what do you think?
Flags: needinfo?(tanvi)
(Reporter)

Updated

2 years ago
See Also: → bug 1290116
But 1293476 has some discussion that might be relevant...
Depends on: 1293476
Yes, this is likely the same problem described here: https://bugzilla.mozilla.org/show_bug.cgi?id=1293476#c7

Does about:neterror have the URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT URI flag set on it?
Flags: needinfo?(tanvi)
Component: Security → DOM: Security
Blocks: 815321
Henry, is that the same problem as in Bug 1293476? If so, please make it as a dup.
Flags: needinfo?(hchang)
Yes it is! Making it as a dup :)
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Flags: needinfo?(hchang)
Resolution: --- → DUPLICATE
Duplicate of bug: 1293476
You need to log in before you can comment on or make changes to this bug.