Closed
Bug 1332422
Opened 7 years ago
Closed 6 years ago
CSP should not use 'aExtra' to indicate redirects within ContentPolicy
Categories
(Core :: DOM: Security, defect, P3)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
mozilla63
| Tracking | Status | |
|---|---|---|
| firefox63 | --- | fixed |
People
(Reporter: ckerschb, Assigned: baku)
References
(Blocks 1 open bug)
Details
(Whiteboard: [domsecurity-backlog1])
Attachments
(1 file)
|
17.13 KB,
patch
|
ckerschb
:
review+
|
Details | Diff | Splinter Review |
nsIContentPolicy states * @param aExtra an OPTIONAL argument, pass-through for non-Gecko * callers to pass extra data to callees. CSP should not use aExtra to indicate redirects instead CSP should call a non public API.
|
Reporter | |
Updated•7 years ago
|
|
Assignee | |
Comment 1•6 years ago
|
||
I don't know if this is what we want, but working on other CSP related things, I removed this aExtra parameter, passing a nsIURI object directly when needed.
Assignee: nobody → amarchesini
Attachment #8992907 -
Flags: review?(ckerschb)
|
|
Reporter | |
Comment 2•6 years ago
|
||
Comment on attachment 8992907 [details] [diff] [review] csp_blockedURI4.patch Review of attachment 8992907 [details] [diff] [review]: ----------------------------------------------------------------- Thanks for cleaning that up. r=me
Attachment #8992907 -
Flags: review?(ckerschb) → review+
Pushed by amarchesini@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/8a66951dd403 CSP should not use 'aExtra' to indicate redirects within ContentPolicy, r=ckerschb
|
||
Comment 4•6 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/8a66951dd403
Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox63:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla63
You need to log in
before you can comment on or make changes to this bug.
Description
•