Closed Bug 1333886 Opened 8 years ago Closed 3 years ago

Add strict CSP headers to all static files (images, css, js, ErrorDocuments)

Tracking

()

Status:

RESOLVED FIXED

People

(Reporter: dylan, Assigned: dkl)

References

(Blocks 1 open bug)

Details

Dylan Hardison [:dylan] (he/him)

Reporter

Description

•

8 years ago

All content that doesn't come out of a .cgi should have a very restrict CSP header, for instance: script-src: none, object-src: none, etc.

Dylan Hardison [:dylan] (he/him)

Reporter

Updated

•

8 years ago

Component: Administration → General

Priority: -- → P5

Dylan Hardison [:dylan] (he/him)

Reporter

Updated

•

6 years ago

Assignee: nobody → dylan

Priority: P5 → P2

Kohei Yoshino

Updated

•

6 years ago

Type: defect → enhancement

Dylan Hardison [:dylan] (he/him)

Reporter

Updated

•

5 years ago

Assignee: dylan → nobody

David Lawrence [:dkl]

Assignee

Updated

•

3 years ago

Assignee: nobody → dkl

Status: NEW → ASSIGNED

David Lawrence [:dkl]

Assignee

Comment 1

•

3 years ago

No longer needed.

Status: ASSIGNED → RESOLVED

Closed: 3 years ago

Resolution: --- → FIXED

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Add strict CSP headers to all static files (images, css, js, ErrorDocuments)

Categories

(bugzilla.mozilla.org :: General, enhancement, P2)

Tracking

()

People

(Reporter: dylan, Assigned: dkl)

References

(Blocks 1 open bug)

Details

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated

Updated

Updated

Comment 1