Unescape data: URI for console message when blocking toplevel data: URI navigations

RESOLVED FIXED in Firefox 57

Status

()

enhancement
P2
normal
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: ckerschb, Assigned: ckerschb)

Tracking

unspecified
mozilla57
Points:
---

Firefox Tracking Flags

(firefox57 fixed)

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 attachment)

Currently we log the following message to the console:

> "Navigation to toplevel data: URI not allowed (Blocked loading of: “data:text/html,%3Cscript%3Edocument.write(document...”)"

I think it makes sense to use the decoded URI when logging to the console.
(Assignee)

Updated

2 years ago
Assignee: nobody → ckerschb
Blocks: 1380959
Status: NEW → ASSIGNED
Priority: -- → P2
Whiteboard: [domsecurity-active]
(Assignee)

Updated

2 years ago
Summary: Use decoded data: URI for console message when blocking toplevel data: URI navigations → Unescape data: URI for console message when blocking toplevel data: URI navigations
When logging to the console we should print the unescaped data: URI, which makes reading the data: URI much nicer.
Attachment #8906617 - Flags: review?(bugs)
Attachment #8906617 - Flags: review?(bugs) → review+

Comment 2

2 years ago
Pushed by mozilla@christophkerschbaumer.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/ba39904a38eb
Unescape data: URI for console message when blocking toplevel data: URI navigations. r=smaug
https://hg.mozilla.org/mozilla-central/rev/ba39904a38eb
Status: ASSIGNED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla57
You need to log in before you can comment on or make changes to this bug.