Created attachment 8777082 [details] Screenshot 2016-08-02 16.58.52.png While investigating bug 1290116 I discovered that we can block our own about:neterror page as insecure mixed content. (See the attached screenshot.) It seems like we should perhaps treat about:neterror as a secure origin or at least exempt it from mixed content blocking. Tanvi, what do you think?
But 1293476 has some discussion that might be relevant...
Depends on: 1293476
Yes, this is likely the same problem described here: https://bugzilla.mozilla.org/show_bug.cgi?id=1293476#c7 Does about:neterror have the URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT URI flag set on it?
Component: Security → DOM: Security
Henry, is that the same problem as in Bug 1293476? If so, please make it as a dup.
Yes it is! Making it as a dup :)
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1293476
You need to log in before you can comment on or make changes to this bug.