Closed Bug 1363634 Opened 3 years ago Closed 3 years ago

rewrite test_style_crossdomain.html

Categories

(Core :: DOM: Security, enhancement, P2)

enhancement

Tracking

()

RESOLVED FIXED
mozilla55
Tracking Status
firefox55 --- fixed

People

(Reporter: allstars.chh, Assigned: allstars.chh)

References

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 file, 1 obsolete file)

dom/security/test/sri/test_style_crossdomain.html will use data:text/css for the CSS file, however it will fail if we turn off security.data_uri.inherit_security_context
Status: NEW → ASSIGNED
Priority: -- → P2
Whiteboard: [domsecurity-active]
After checking the test, data:text/css should be considered as a CORS request, and should be blocked if crossorigin is not specified.
Summary: rewrite test_style_crossdomain.html to not use data: URI → rewrite test_style_crossdomain.html
Attached patch Patch. (obsolete) — Splinter Review
Attachment #8867086 - Flags: review?(ckerschb)
Attached patch Patch. v2Splinter Review
Attachment #8867086 - Attachment is obsolete: true
Attachment #8868407 - Flags: review?(ckerschb)
Comment on attachment 8868407 [details] [diff] [review]
Patch. v2

Review of attachment 8868407 [details] [diff] [review]:
-----------------------------------------------------------------

Yeah, I think _legacy.html as postfix is just fine. thanks!
Attachment #8868407 - Flags: review?(ckerschb) → review+
Pushed by yhuang@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/550bd3db9e02
rewrite test_style_crossdomain.html. r=ckerschb
https://hg.mozilla.org/mozilla-central/rev/550bd3db9e02
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
Target Milestone: --- → mozilla55
You need to log in before you can comment on or make changes to this bug.