Closed
Bug 1497190
Opened 6 years ago
Closed 5 years ago
Apply Meta CSP to about:cache-entry
Categories
(Core :: DOM: Security, enhancement, P3)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
mozilla70
Tracking | Status | |
---|---|---|
firefox70 | --- | fixed |
People
(Reporter: ckerschb, Assigned: ckerschb)
References
Details
(Whiteboard: [domsecurity-backlog1])
Attachments
(2 files)
No description provided.
Assignee | ||
Updated•6 years ago
|
Priority: -- → P3
Whiteboard: [domsecurity-backlog1]
Assignee | ||
Updated•6 years ago
|
Assignee: nobody → ckerschb
Status: NEW → ASSIGNED
Assignee | ||
Comment 1•6 years ago
|
||
Attachment #9017073 -
Flags: review?(gijskruitbosch+bugs)
Updated•6 years ago
|
Attachment #9017073 -
Flags: review?(gijskruitbosch+bugs) → review+
Comment 2•6 years ago
|
||
FWIW, why this page has privileges at all is beyond me. Can we downgrade it if it isn't already?
Assignee | ||
Comment 3•6 years ago
|
||
(In reply to :Gijs (he/him) from comment #2) > FWIW, why this page has privileges at all is beyond me. Can we downgrade it > if it isn't already? FWIW, I am gathering a list of pages that we can downgrade - this is one of them. I am in the process of having an intern work on this all of next summer.
Comment 4•5 years ago
|
||
There's a r+ patch which didn't land and no activity in this bug for 2 weeks.
:ckerschb, could you have a look please?
Flags: needinfo?(ckerschb)
Assignee | ||
Comment 5•5 years ago
|
||
Before we can apply CSP to system privileged about pages we have to fix Bug 965637, in which we move the CSP from the Principal into the Client. Please note that the Meta Bug 1492063 for applying CSP to system privileged about: pages is blocked by 965637. At the moment we are fixing the last remaining blockers and as soon as we have landed Bug 965637 I'll try to land all the dependencies of Bug 1492063 so we end up having all about: pages secured by a CSP.
Flags: needinfo?(ckerschb)
Assignee | ||
Comment 6•5 years ago
|
||
Pushed by mozilla@christophkerschbaumer.com: https://hg.mozilla.org/integration/autoland/rev/d617ec46f157 Apply Meta CSP to about:cache-entry.
Comment 8•5 years ago
|
||
bugherder |
Status: ASSIGNED → RESOLVED
Closed: 5 years ago
status-firefox70:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla70
You need to log in
before you can comment on or make changes to this bug.
Description
•