Closed Bug 1359315 Opened 7 years ago Closed 7 years ago

don't use data: URI for test_bug1101364.html

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla55

Tracking Flags:

Tracking

Status

firefox55

---

fixed

People

(Reporter: allstars.chh, Assigned: allstars.chh)

References

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 file, 1 obsolete file)

Patch. 7 years ago Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi] 3.11 KB, patch	smaug : review+ ckerschb : feedback+	Details \| Diff \| Splinter Review
Patch. v2 7 years ago Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi] 1.53 KB, patch	allstars.chh : review+	Details \| Diff \| Splinter Review

Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi]

Assignee

Description

•

7 years ago

This test uses data: URI, when we turn off the pref security.data_uri.inherit_security_context, accessing iframe.contentDocument will become null.

Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi]

Assignee

Comment 1

•

7 years ago

Attached patch Patch. (obsolete) — Details — Splinter Review

Assignee: nobody → allstars.chh

Status: NEW → ASSIGNED

Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi]

Assignee

Updated

•

7 years ago

Attachment #8861296 - Flags: review?(ckerschb)

Christoph Kerschbaumer [:ckerschb]

Comment 2

•

7 years ago

Comment on attachment 8861296 [details] [diff] [review]
Patch.

Review of attachment 8861296 [details] [diff] [review]:
-----------------------------------------------------------------

looks good to me, but I am not a dom-peer, hence I can't sign off on it.

Attachment #8861296 - Flags: review?(ckerschb) → feedback+

Christoph Kerschbaumer [:ckerschb]

Updated

•

7 years ago

Priority: -- → P2

Whiteboard: [domsecurity-active]

Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi]

Assignee

Updated

•

7 years ago

Attachment #8861296 - Flags: review?(bugs)

Olli Pettay [:smaug][bugs@pettay.fi]

Comment 3

•

7 years ago

Comment on attachment 8861296 [details] [diff] [review]
Patch.

Couldn't we use srcdoc in this kind of cases?

Attachment #8861296 - Flags: review?(bugs) → review+

Ryan VanderMeulen [:RyanVM]

Updated

•

7 years ago

status-firefox55: --- → affected

status-firefox57: affected → ---

Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi]

Assignee

Comment 4

•

7 years ago

Attached patch Patch. v2 — Details — Splinter Review

Thanks for smaug's suggestion, converted it to use srcdoc.

Attachment #8861296 - Attachment is obsolete: true

Attachment #8862345 - Flags: review+

Pulsebot

Comment 5

•

7 years ago

Pushed by kwierso@gmail.com:
https://hg.mozilla.org/mozilla-central/rev/6f1e99e90c67
don't use data: URI for test_bug1101364.html. r=smaug

Wes Kocher (:KWierso) (Not reading bugmail; email directly if needed)

Comment 6

•

7 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/6f1e99e90c67

Status: ASSIGNED → RESOLVED

Closed: 7 years ago

status-firefox55: affected → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla55

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

don't use data: URI for test_bug1101364.html

Categories

(Core :: DOM: Security, enhancement, P2)

Tracking

()

People

(Reporter: allstars.chh, Assigned: allstars.chh)

References

Details

(Whiteboard: [domsecurity-active])

Crash Data

Security

(public)

User Story

Attachments

(1 file, 1 obsolete file)

Description

Comment 1

Updated

Comment 2

Updated

Updated

Comment 3

Updated

Comment 4

Comment 5

Comment 6

Attachment

General

Description

File Name

Content Type