increase test coverage for sandboxed iframe srcdoc inheriting CSP

RESOLVED DUPLICATE of bug 1073952

Status

()

Core
DOM: Security
P3
normal
RESOLVED DUPLICATE of bug 1073952
a year ago
a year ago

People

(Reporter: freddyb, Assigned: freddyb)

Tracking

(Blocks: 1 bug)

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [domsecurity-backlog1])

(Assignee)

Description

a year ago
This is a follow up of bug 1073952 to test nested iframes. Specifically, this is an update of ckerschb's original patch at https://bugzilla.mozilla.org/page.cgi?id=splinter.html&bug=1073952&attachment=8748864
Blocks: 1231788
Priority: -- → P3
Whiteboard: [domsecurity-backlog1]
copying bug 1073952 comment 27

(In reply to Christoph Kerschbaumer [:ckerschb] from comment #16)
> about:srcdoc. And probably we should only do that for TYPE_SUBDOCUMENT, right?

What about TYPE_DOCUMENT that has a CSP sandbox attribute? Do we have "self" tests for those?

What if the TYPE_DOCUMENT was opened sandboxed from a sandboxed about:srcdoc frame? What if that document is a data: document which inherits the about:srcdoc URL?
(Assignee)

Comment 2

a year ago
Merging the bugs again. See https://bugzilla.mozilla.org/show_bug.cgi?id=1073952#c30
Status: ASSIGNED → RESOLVED
Last Resolved: a year ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1073952
You need to log in before you can comment on or make changes to this bug.