Closed Bug 1422325 Opened 8 years ago Closed 8 years ago

Test that Activity Stream screenshots can no longer be coerced to load unsafe URIs

Categories

(Firefox :: New Tab Page, enhancement)

Product:
Firefox
Component:
New Tab Page
Version:
57 Branch
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Firefox 60
Tracking Flags:
Tracking Status
firefox-esr52 --- unaffected
firefox58 --- wontfix
firefox59 --- wontfix
firefox60 --- fixed

People

(Reporter: ursula, Assigned: ursula)

References

Details

(Keywords: sec-other, Whiteboard: [adv-main60-][post-critsmash-triage])

Attachments

(1 file)

1422325.patch
6.78 KB, patch
ursula
: review+
Details | Diff | Splinter Review
Bug 1420049 landed, I need to land the tests separately. The tests have already been written and reviewed, I will carry over the r+ from Gijs
Attached patch 1422325.patchSplinter Review
Attachment #8933667 - Flags: review+
What do you think Gijs, should we land this now?
Flags: needinfo?(gijskruitbosch+bugs)
(In reply to Ursula Sarracini (:ursula) from comment #2) > What do you think Gijs, should we land this now? For the original bug's sake, now would be fine. The only thing I'm wondering is whether we should hold off because of bug 1433707. Ed?
Flags: needinfo?(gijskruitbosch+bugs) → needinfo?(edilee)
I don't see the need to wait for the other bug. They're two very different parts of activity stream.
Flags: needinfo?(edilee)
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox59: affectedwontfix
status-firefox60: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 60
Group: firefox-core-security → core-security-release
Whiteboard: [adv-main60-]
Flags: qe-verify-
Whiteboard: [adv-main60-] → [adv-main60-][post-critsmash-triage]
Group: core-security-release
Component: Activity Streams: Newtab → New Tab Page
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: