Open
Bug 1359358
Opened 7 years ago
Updated 2 years ago
Investigate triggeringPrincipal for loadURI() within nsDSURIContentListener.cpp
Categories
(Core :: DOM: Security, enhancement, P3)
Core
DOM: Security
Tracking
()
NEW
People
(Reporter: ckerschb, Unassigned)
References
Details
(Whiteboard: [domsecurity-backlog1])
We should double check if we should use the systemPrincipal as the fallback principal in case there is no loadInfo, or if we should create a NullPrincipal. Please check for originattributes and test test_browserElement_inproc_XFrameOptionsAllowFrom.html which used to fail in case we use a nullPrincipal with the wrong origin attributes.
Reporter | ||
Updated•7 years ago
|
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•