Closed Bug 1398691 Opened 7 years ago Closed 7 years ago

Unescape data: URI for console message when blocking toplevel data: URI navigations

Categories

(Core :: DOM: Security, enhancement, P2)

enhancement

Tracking

()

RESOLVED FIXED
mozilla57
Tracking Status
firefox57 --- fixed

People

(Reporter: ckerschb, Assigned: ckerschb)

References

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 file)

Currently we log the following message to the console:

> "Navigation to toplevel data: URI not allowed (Blocked loading of: “data:text/html,%3Cscript%3Edocument.write(document...”)"

I think it makes sense to use the decoded URI when logging to the console.
Assignee: nobody → ckerschb
Blocks: 1380959
Status: NEW → ASSIGNED
Priority: -- → P2
Whiteboard: [domsecurity-active]
Summary: Use decoded data: URI for console message when blocking toplevel data: URI navigations → Unescape data: URI for console message when blocking toplevel data: URI navigations
When logging to the console we should print the unescaped data: URI, which makes reading the data: URI much nicer.
Attachment #8906617 - Flags: review?(bugs)
Attachment #8906617 - Flags: review?(bugs) → review+
Pushed by mozilla@christophkerschbaumer.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/ba39904a38eb
Unescape data: URI for console message when blocking toplevel data: URI navigations. r=smaug
https://hg.mozilla.org/mozilla-central/rev/ba39904a38eb
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla57
You need to log in before you can comment on or make changes to this bug.