Closed
Bug 1398691
Opened 7 years ago
Closed 7 years ago
Unescape data: URI for console message when blocking toplevel data: URI navigations
Categories
(Core :: DOM: Security, enhancement, P2)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
mozilla57
| Tracking | Status | |
|---|---|---|
| firefox57 | --- | fixed |
People
(Reporter: ckerschb, Assigned: ckerschb)
References
Details
(Whiteboard: [domsecurity-active])
Attachments
(1 file)
|
2.07 KB,
patch
|
smaug
:
review+
|
Details | Diff | Splinter Review |
Currently we log the following message to the console:
> "Navigation to toplevel data: URI not allowed (Blocked loading of: “data:text/html,%3Cscript%3Edocument.write(document...”)"
I think it makes sense to use the decoded URI when logging to the console.
|
Assignee | |
Updated•7 years ago
|
Assignee: nobody → ckerschb
Blocks: 1380959
Status: NEW → ASSIGNED
Priority: -- → P2
Whiteboard: [domsecurity-active]
|
|
Assignee | |
Updated•7 years ago
|
Summary: Use decoded data: URI for console message when blocking toplevel data: URI navigations → Unescape data: URI for console message when blocking toplevel data: URI navigations
|
|
Assignee | |
Comment 1•7 years ago
|
||
When logging to the console we should print the unescaped data: URI, which makes reading the data: URI much nicer.
Attachment #8906617 -
Flags: review?(bugs)
|
||
Updated•7 years ago
|
Attachment #8906617 -
Flags: review?(bugs) → review+
Pushed by mozilla@christophkerschbaumer.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/ba39904a38eb
Unescape data: URI for console message when blocking toplevel data: URI navigations. r=smaug
|
||
Comment 3•7 years ago
|
||
| bugherder | ||
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
status-firefox57:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla57
You need to log in
before you can comment on or make changes to this bug.
Description
•