Closed Bug 1391243 Opened 7 years ago Closed 4 months ago

CSP: Implement report-to

Categories

(Core :: DOM: Core & HTML, enhancement, P3)

Product:
Core
Component:
DOM: Core & HTML
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
130 Branch
Tracking Flags:
Tracking Status
firefox130 --- fixed

People

(Reporter: ckerschb, Assigned: freya.laluna, Mentored)

References

(Blocks 2 open bugs, Regressed 1 open bug)

Details

(Keywords: dev-doc-complete, Whiteboard: [domsecurity-backlog1])

Attachments

(2 files)

Bug 1391243 - Implementing Report-To Directive
48 bytes, text/x-phabricator-request
Details | Review
Bug 1391243 - Revised ReportDeliver Notify Method
48 bytes, text/x-phabricator-request
Details | Review
Blocks: csp-w3c-3
Priority: -- → P3
Whiteboard: [domsecurity-backlog1]
Blocks: 1631237
Severity: normal → S3

issue still open since 6+ years blocking consensus for transition report-uri -> report-to.
see: https://w3c.github.io/webappsec-csp/#directive-report-uri

Component: DOM: Security → DOM: Core & HTML

Updated report processing to include support for
report-to directive. Currently supports report-building
and sending through nsCSPContext::SendReports.

Duplicate of this bug: 1873034
Mentor: sefeng
Assignee: nobody → freya.laluna
Status: NEW → ASSIGNED

Changed how ReportDeliver::Notify is dispatched from ReportDeliver::AppendReportData. Now, instead of relying on a predetermined timer to call Notify, it is dispatched to the current thread queue in a Runnable.
Additionally changed credentials mode to RequestCredentials::Same_origin in ReportDeliver::SendReports to align with W3C reporting specifications,

Attachment #9370668 - Attachment description: WIP: Bug 1391243 - Implementing Report-To Directive → Bug 1391243 - Implementing Report-To Directive
Attachment #9387944 - Attachment description: WIP: Bug 1391243 - Revised ReportDeliver Notify Method → Bug 1391243 - Revised ReportDeliver Notify Method

Is this still being worked on?

Flags: needinfo?(freya.laluna)
Flags: needinfo?(sefeng)

Yeah, Freya is still working on this.

Flags: needinfo?(sefeng)
Flags: needinfo?(freya.laluna)
Attachment #9370668 - Attachment description: Bug 1391243 - Implementing Report-To Directive → WIP: Bug 1391243 - Implementing Report-To Directive
Attachment #9370668 - Attachment description: WIP: Bug 1391243 - Implementing Report-To Directive → Bug 1391243 - Implementing Report-To Directive
Pushed by sefeng@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/17a0209f5595 Implementing Report-To Directive r=sefeng,farre https://hg.mozilla.org/integration/autoland/rev/1dd7df601ace Revised ReportDeliver Notify Method r=sefeng https://hg.mozilla.org/integration/autoland/rev/dcdf8bd23501 1860588: apply code formatting via Lando

https://hg.mozilla.org/mozilla-central/rev/17a0209f5595
https://hg.mozilla.org/mozilla-central/rev/1dd7df601ace
https://hg.mozilla.org/mozilla-central/rev/dcdf8bd23501

Status: ASSIGNED → RESOLVED
Closed: 4 months ago
status-firefox130: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 130 Branch
Keywords: dev-doc-needed
Regressions: 1909649
Regressions: 1909650
Regressions: 1910413

FF130 MDN docs work for this can be tracked in https://github.com/mdn/content/issues/35279

EDIT, note, I'm clearing my request for information. After extensive testing I think I know how this works. If I'm wrong we can correct in a post process.

Flags: needinfo?(sefeng)
Flags: needinfo?(freya.laluna)
Flags: needinfo?(sefeng)
Flags: needinfo?(freya.laluna)
Keywords: dev-doc-neededdev-doc-complete
Regressions: 1922967
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: