Closed Bug 1332422 Opened 8 years ago Closed 6 years ago

CSP should not use 'aExtra' to indicate redirects within ContentPolicy

Categories

(Core :: DOM: Security, defect, P3)

Product:
Core
Component:
DOM: Security
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla63
Tracking Flags:
Tracking Status
firefox63 --- fixed

People

(Reporter: ckerschb, Assigned: baku)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-backlog1])

Attachments

(1 file)

csp_blockedURI4.patch
17.13 KB, patch
ckerschb
: review+
Details | Diff | Splinter Review
nsIContentPolicy states * @param aExtra an OPTIONAL argument, pass-through for non-Gecko * callers to pass extra data to callees. CSP should not use aExtra to indicate redirects instead CSP should call a non public API.
Blocks: csp-w3c-3
Priority: -- → P3
Whiteboard: [domsecurity-backlog1]
I don't know if this is what we want, but working on other CSP related things, I removed this aExtra parameter, passing a nsIURI object directly when needed.
Assignee: nobody → amarchesini
Attachment #8992907 - Flags: review?(ckerschb)
Comment on attachment 8992907 [details] [diff] [review] csp_blockedURI4.patch Review of attachment 8992907 [details] [diff] [review]: ----------------------------------------------------------------- Thanks for cleaning that up. r=me
Attachment #8992907 - Flags: review?(ckerschb) → review+
Pushed by amarchesini@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/8a66951dd403 CSP should not use 'aExtra' to indicate redirects within ContentPolicy, r=ckerschb
https://hg.mozilla.org/mozilla-central/rev/8a66951dd403
Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox63: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla63
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: