Closed Bug 1512511 (CVE-2019-11724) Opened 2 years ago Closed 2 years ago
.mozilla .org from browser/app/permissions
47 bytes, text/x-phabricator-request
|Details | Review|
browser/app/permissions gives extra permission "remote-troubleshooting" to input.mozilla.org, which is now redirecting to qsurvey. We probably do not want to give extra permission to input.m.o.
There are domains that we give extra permissions. Those should be hosted and operated by Firefox. input.mozilla.org isn't and it also doesnt use extra permissions anymore. Let's remove it.
NB: As a follow-up, I likely want to look at other domains.
Pushed by firstname.lastname@example.org: https://hg.mozilla.org/integration/mozilla-inbound/rev/41c4503d65cb Remove extra-privileges for input.mozilla.org. r=Gijs,MattN
You need to log in before you can comment on or make changes to this bug.