Closed Bug 1512511 (CVE-2019-11724) Opened Last year Closed 8 months ago
.mozilla .org from browser/app/permissions
47 bytes, text/x-phabricator-request
|Details | Review|
browser/app/permissions gives extra permission "remote-troubleshooting" to input.mozilla.org, which is now redirecting to qsurvey. We probably do not want to give extra permission to input.m.o.
There are domains that we give extra permissions. Those should be hosted and operated by Firefox. input.mozilla.org isn't and it also doesnt use extra permissions anymore. Let's remove it.
NB: As a follow-up, I likely want to look at other domains.
Pushed by firstname.lastname@example.org: https://hg.mozilla.org/integration/mozilla-inbound/rev/41c4503d65cb Remove extra-privileges for input.mozilla.org. r=Gijs,MattN
8 months ago
Depends on: 1540246
You need to log in before you can comment on or make changes to this bug.