Closed
Bug 1465847
Opened 6 years ago
Closed 4 years ago
WebsiteFilter policy does not block view-source
Categories
(Firefox :: Enterprise Policies, defect, P3)
Firefox
Enterprise Policies
Tracking
()
RESOLVED
FIXED
85 Branch
People
(Reporter: Felipe, Assigned: mkaply)
References
Details
Attachments
(1 file)
47 bytes,
text/x-phabricator-request
|
RyanVM
:
approval-mozilla-beta+
jcristau
:
approval-mozilla-esr78+
|
Details | Review |
+++ This bug was initially created as a clone of Bug #1429178 +++
As reported in bug 1429178 comment 27, right-clicking on the Blocked Page when the WebsiteFilter policy is in use will still allow the view source protocol from downloading the page and displaying its source
Reporter | ||
Updated•6 years ago
|
Priority: P1 → P3
Assignee | ||
Comment 1•4 years ago
|
||
Updated•4 years ago
|
Assignee: nobody → mozilla
Status: NEW → ASSIGNED
Pushed by mozilla@kaply.com:
https://hg.mozilla.org/integration/autoland/rev/d1c5493f3915
If a website is blocked via policy, block view source. r=emalysz
Backout by btara@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/0f49306f697f
Backed out changeset d1c5493f3915 for causing leaks CLOSED TREE
Comment 4•4 years ago
|
||
Backed out changeset d1c5493f3915 (bug 1465847) for causing leaks.
Backout link: https://hg.mozilla.org/integration/autoland/rev/0f49306f697fb1a6c579e5ab433bff573dd01d49
Failure log: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=319571640&repo=autoland&lineNumber=5421
Flags: needinfo?(mozilla)
Assignee | ||
Comment 5•4 years ago
|
||
I'm still looking at how to resolve this.
Depends on: 1450309
Flags: needinfo?(mozilla)
Pushed by mozilla@kaply.com:
https://hg.mozilla.org/integration/autoland/rev/0c472d4d9215
If a website is blocked via policy, block view source. r=emalysz
Comment 7•4 years ago
|
||
bugherder |
Status: ASSIGNED → RESOLVED
Closed: 4 years ago
status-firefox85:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 85 Branch
Assignee | ||
Comment 8•4 years ago
|
||
Comment on attachment 9183020 [details]
Bug 1465847 - If a website is blocked via policy, block view source. r?emalysz!
Beta/Release Uplift Approval Request
- User impact if declined: Even though URLs and files are blocked, users can still view-source those URLs.
- Is this code covered by automated tests?: No
- Has the fix been verified in Nightly?: No
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): Policy only, only affects if view source is active.
- String changes made/needed:
ESR Uplift Approval Request
- If this is not a sec:{high,crit} bug, please state case for ESR consideration: Fixes a small hole in our file blocking. I apologize for not getting this into the last release. The test was causing a leak which we are investigating separately (it was unrelated to this fix). Very low risk.
- User impact if declined: Even though URLs and files are blocked, users can still view-source those URLs.
- Fix Landed on Version: 85
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): Policy only, only affects if view source is active.
- String or UUID changes made by this patch:
Attachment #9183020 -
Flags: approval-mozilla-esr78?
Attachment #9183020 -
Flags: approval-mozilla-beta?
Comment 9•4 years ago
|
||
Comment on attachment 9183020 [details]
Bug 1465847 - If a website is blocked via policy, block view source. r?emalysz!
Approved for 84.0b4.
Attachment #9183020 -
Flags: approval-mozilla-beta? → approval-mozilla-beta+
Comment 10•4 years ago
|
||
bugherder uplift |
status-firefox84:
--- → fixed
Flags: in-testsuite+
Updated•4 years ago
|
Updated•4 years ago
|
Comment 11•4 years ago
|
||
Comment on attachment 9183020 [details]
Bug 1465847 - If a website is blocked via policy, block view source. r?emalysz!
approved for 78.6esr
Attachment #9183020 -
Flags: approval-mozilla-esr78? → approval-mozilla-esr78+
Comment 12•4 years ago
|
||
bugherder uplift |
status-firefox-esr78:
--- → fixed
You need to log in
before you can comment on or make changes to this bug.
Description
•