Closed Bug 1340058 Opened 7 years ago Closed 7 years ago

[observatory] Subresource Integrity (SRI) not implemented, but all external scripts are loaded over https

Categories

(support.mozilla.org - Lithium :: General, defect, P1)

Product:
support.mozilla.org - Lithium
Component:
General
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED INVALID
Milestone:
2017q1

People

(Reporter: rolandtanglao, Unassigned)

References

Details

(Whiteboard: [1st2weeks] [li-00134461]) 

From: https://observatory.mozilla.org/analyze.html?host=support.mozilla.org

Subresource Integrity (SRI) not implemented, but all external scripts are loaded over https
Lithium Response: Not supported at this time.
(In reply to Roland Tanglao :rolandtanglao from comment #1)
> Lithium Response: Not supported at this time.

:pmcclard: i guess this means we should close this as "WONTFIX"?
Flags: needinfo?(pmcclard)
:rolandtanglao: Leave it open for now. I've asked Lithium when they might be able to implement this.
Flags: needinfo?(pmcclard)
Whiteboard: [1st2weeks] → [1st2weeks] [li-00134461]
Update from http://supportcases.lithium.com/50061000009MCTs
QUOTE
Created By: Kris Stewart (2/24/2017 11:04 AM)
[Recipients: Patrick McClard, Scott Riley, Ryan Ausano, Lisa Hern, rtanglao@mozilla.com]

I've already submitted the improvement requests for X-XSS-Protection and SRI support and have escalated it to my manager, the Director of Global Support. He'll make it clear to Engineering this is a critical request and we should have an idea of the timeline once Engineering has had a chance to review. 

END QUOTE

Need Info'ing myself to remind me to test this when done
Flags: needinfo?(rtanglao)
Component: Lithium Migration → General
Flags: needinfo?(rtanglao)
Product: support.mozilla.org → support.mozilla.org - Lithium
Target Milestone: --- → 2017q1
Priority: -- → P1
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.