Closed
Bug 1508654
Opened 6 years ago
Closed 5 years ago
Add assert to nsDocShellLoadState::SetupTriggeringPrincipal to remove inferred referrer triggering principal
Categories
(Core :: DOM: Security, enhancement, P1)
Tracking
()
RESOLVED
FIXED
mozilla66
People
(Reporter: jkt, Assigned: jkt)
References
(Blocks 1 open bug)
Details
(Whiteboard: [domsecurity-active])
Attachments
(1 file)
In nsDocShellLoadState::SetupTriggeringPrincipal we are inferring a codebase principal when there isn't a triggering principal but there is a referrer. We should require an explicit principal always.
|
Assignee | |
Comment 1•6 years ago
|
||
Try run here: https://treeherder.mozilla.org/#/jobs?repo=try&revision=21dab78700598f8d8918ecd70e6d65b93f3cb53d
|
|
Assignee | |
Comment 2•6 years ago
|
||
|
|
Assignee | |
Comment 3•6 years ago
|
||
Depends on changes in: Bug 1508609
Pushed by jkingston@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/b36b70ed2ed2 adding in assert for referrer implied codebase principal. r=ckerschb
|
||
Comment 5•5 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/b36b70ed2ed2
Status: ASSIGNED → RESOLVED
Closed: 5 years ago
status-firefox66:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla66
|
|
||
Comment 6•5 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/b36b70ed2ed2
|
||
Updated•5 years ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•