Closed Bug 1391243 Opened 8 years ago Closed 1 year ago

CSP: Implement report-to

Categories

(Core :: DOM: Core & HTML, enhancement, P3)

Product:
Core
Component:
DOM: Core & HTML
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
130 Branch
Tracking Flags:
Tracking Status
firefox130 --- fixed

People

(Reporter: ckerschb, Assigned: freyalaluna, Mentored)

References

(Blocks 2 open bugs, Regressed 1 open bug)

Details

(Keywords: dev-doc-complete, Whiteboard: [domsecurity-backlog1])

Attachments

(2 files)

Bug 1391243 - Implementing Report-To Directive
48 bytes, text/x-phabricator-request
Details | Review
Bug 1391243 - Revised ReportDeliver Notify Method
48 bytes, text/x-phabricator-request
Details | Review
Blocks: csp-w3c-3
Priority: -- → P3
Whiteboard: [domsecurity-backlog1]
Severity: normal → S3

issue still open since 6+ years blocking consensus for transition report-uri -> report-to.
see: https://w3c.github.io/webappsec-csp/#directive-report-uri

Component: DOM: Security → DOM: Core & HTML

Updated report processing to include support for
report-to directive. Currently supports report-building
and sending through nsCSPContext::SendReports.

Duplicate of this bug: 1873034
Mentor: sefeng
Assignee: nobody → freya.laluna
Status: NEW → ASSIGNED

Changed how ReportDeliver::Notify is dispatched from ReportDeliver::AppendReportData. Now, instead of relying on a predetermined timer to call Notify, it is dispatched to the current thread queue in a Runnable.
Additionally changed credentials mode to RequestCredentials::Same_origin in ReportDeliver::SendReports to align with W3C reporting specifications,

Attachment #9370668 - Attachment description: WIP: Bug 1391243 - Implementing Report-To Directive → Bug 1391243 - Implementing Report-To Directive
Attachment #9387944 - Attachment description: WIP: Bug 1391243 - Revised ReportDeliver Notify Method → Bug 1391243 - Revised ReportDeliver Notify Method

Is this still being worked on?

Flags: needinfo?(freya.laluna)

Yeah, Freya is still working on this.

Flags: needinfo?(sefeng)
Attachment #9370668 - Attachment description: Bug 1391243 - Implementing Report-To Directive → WIP: Bug 1391243 - Implementing Report-To Directive
Attachment #9370668 - Attachment description: WIP: Bug 1391243 - Implementing Report-To Directive → Bug 1391243 - Implementing Report-To Directive
Pushed by sefeng@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/17a0209f5595 Implementing Report-To Directive r=sefeng,farre https://hg.mozilla.org/integration/autoland/rev/1dd7df601ace Revised ReportDeliver Notify Method r=sefeng https://hg.mozilla.org/integration/autoland/rev/dcdf8bd23501 1860588: apply code formatting via Lando

https://hg.mozilla.org/mozilla-central/rev/17a0209f5595
https://hg.mozilla.org/mozilla-central/rev/1dd7df601ace
https://hg.mozilla.org/mozilla-central/rev/dcdf8bd23501

Status: ASSIGNED → RESOLVED
Closed: 1 year ago
status-firefox130: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 130 Branch
Keywords: dev-doc-needed
Regressions: 1909649
Regressions: 1909650
Regressions: 1910413

FF130 MDN docs work for this can be tracked in https://github.com/mdn/content/issues/35279

EDIT, note, I'm clearing my request for information. After extensive testing I think I know how this works. If I'm wrong we can correct in a post process.

Flags: needinfo?(sefeng)
Flags: needinfo?(freya.laluna)
Flags: needinfo?(sefeng)
Flags: needinfo?(freya.laluna)
Regressions: 1922967
Regressions: 1937224

Does someone know if the preference is going to be removed?

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: