Closed
Bug 1365166
Opened 7 years ago
Closed 7 years ago
rename security.data_uri.inherit_security_context
Categories
(Core :: DOM: Security, enhancement)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
mozilla55
Tracking | Status | |
---|---|---|
firefox55 | --- | fixed |
People
(Reporter: allstars.chh, Assigned: allstars.chh)
References
Details
(Whiteboard: [domsecurity-active])
Attachments
(1 file)
8.29 KB,
patch
|
smaug
:
review+
ckerschb
:
review+
|
Details | Diff | Splinter Review |
We introduced the name 'security.data_uri.inherit_security_context' in bug 1328860. However I think the naming is a little confusing, for example, when we're doing a feature, it's default pref 'off', when the feature is ready, we turn 'on' But the feature security.data_uri.inherit_security_context now is 'On', and we are going to turn it 'OFF'. I am guessing this may cause some misunderstanding in the future, specially for release engineering, ckerschb, smaug, what do you think? Thanks
Assignee | ||
Updated•7 years ago
|
Flags: needinfo?(ckerschb)
Assignee | ||
Updated•7 years ago
|
Flags: needinfo?(bugs)
Comment 1•7 years ago
|
||
(In reply to Yoshi Huang [:allstars.chh] from comment #0) > ckerschb, smaug, what do you think? I don't have a strong opinion about that. If you wanna change it, that's fine with me.
Flags: needinfo?(ckerschb)
Comment 2•7 years ago
|
||
I don't have a strong opinion either. I see it so that currently we have legacy behavior enabled, and once everything is fixed, we can disable it.
Flags: needinfo?(bugs)
Assignee | ||
Comment 3•7 years ago
|
||
Thanks, then I'll rename it to security.data_uri.unique_opaque_origin and pref default off.
Assignee: nobody → allstars.chh
Whiteboard: [domsecurity-active]
Assignee | ||
Updated•7 years ago
|
Summary: Should we rename security.data_uri.inherit_security_context? → rename security.data_uri.inherit_security_context
Assignee | ||
Updated•7 years ago
|
Status: NEW → ASSIGNED
Assignee | ||
Comment 4•7 years ago
|
||
Attachment #8868405 -
Flags: review?(bugs)
Attachment #8868405 -
Flags: feedback?(ckerschb)
Comment 5•7 years ago
|
||
Comment on attachment 8868405 [details] [diff] [review] Patch. > >+// TODO: Bug 1324406: Treat 'data:' documents as unique, opaque origins >+// If true, data: URIs will be treated as unique opaque origins, hence will use >+// a NullPrincipal as the security context. >+// Otherwise it will inherit the origin from parent node, this is the legacy >+// behavior of Firefox. >+pref ("security.data_uri.unique_opaque_origin", false); Looks like the old code had extra space between pref and (, want to fix it here.
Attachment #8868405 -
Flags: review?(bugs) → review+
Comment 6•7 years ago
|
||
Comment on attachment 8868405 [details] [diff] [review] Patch. Review of attachment 8868405 [details] [diff] [review]: ----------------------------------------------------------------- thanks
Attachment #8868405 -
Flags: feedback?(ckerschb) → review+
Pushed by yhuang@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/9cf73dbcd1a0 rename security.data_uri.inherit_security_context to security.data_uri.unique_opaque_origin. r=smaug, ckerschb
Comment 8•7 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/9cf73dbcd1a0
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
status-firefox55:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla55
You need to log in
before you can comment on or make changes to this bug.
Description
•