Closed
Bug 1329065
Opened 8 years ago
Closed 8 years ago
Leak referrer information if the referrer policy is set to UnSet
Categories
(Core :: DOM: Security, defect)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
mozilla53
| Tracking | Status | |
|---|---|---|
| firefox53 | --- | fixed |
People
(Reporter: tnguyen, Assigned: tnguyen)
References
Details
Attachments
(1 file, 1 obsolete file)
|
7.86 KB,
patch
|
mcmanus
:
review+
|
Details | Diff | Splinter Review |
Follow Bug 1304623 comment 36, if the referrer policy is set to unset, it passed all the checks and leak unsafe referrer information.
|
Assignee | |
Comment 1•8 years ago
|
||
MozReview-Commit-ID: JG5DVBqGczS
|
|
Assignee | |
Updated•8 years ago
|
Assignee: nobody → tnguyen
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 2•8 years ago
|
||
MozReview-Commit-ID: JG5DVBqGczS
|
|
Assignee | |
Updated•8 years ago
|
Attachment #8824310 -
Attachment is obsolete: true
|
|
Assignee | |
Comment 3•8 years ago
|
||
|
|
Assignee | |
Comment 4•8 years ago
|
||
Comment on attachment 8824311 [details] [diff] [review]
Check the correct policy when setting referrer header
Hi Patrick
I have to change the flow of set referrer policy and add some missing tests for the case Unset.
Could you please take a look?
Attachment #8824311 -
Flags: review?(mcmanus)
|
||
Updated•8 years ago
|
Attachment #8824311 -
Flags: review?(mcmanus) → review+
|
|
Assignee | |
Updated•8 years ago
|
Keywords: checkin-needed
Pushed by ryanvm@gmail.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/9835378fead4
Check the correct policy when setting referrer header. r=mcmanus
Keywords: checkin-needed
|
||
Comment 6•8 years ago
|
||
| bugherder | ||
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
status-firefox53:
--- → fixed
Flags: in-testsuite+
Resolution: --- → FIXED
Target Milestone: --- → mozilla53
You need to log in
before you can comment on or make changes to this bug.
Description
•