Open Bug 1537685 Opened 6 months ago Updated 2 months ago

Add test that iterates all about: pages and ensure they all have a valid CSP

Categories

(Core :: DOM: Security, enhancement, P2)

enhancement

Tracking

()

ASSIGNED

People

(Reporter: ckerschb, Assigned: sstreich)

References

(Depends on 1 open bug)

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 file)

It seems it's possible that about pages can still ship without a CSP attached as illustrated within [1]. Maybe it's possible to add a test where we can iterate all about pages and ensure they all have a valid CSP.

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=1449845#c15

Assignee: nobody → ckerschb
Blocks: 1449845
Status: NEW → ASSIGNED
Priority: -- → P2
Whiteboard: [domsecurity-active]
Assignee: ckerschb → streich.mobile
Depends on: 1492063

There's a r+ patch which didn't land and no activity in this bug for 2 weeks.
:sstreich, could you have a look please?
For more information, please visit auto_nag documentation.

Flags: needinfo?(streich.mobile)

Landing this bug is blocked on Bug 1492063 - once that has been resolved we can land the patch within this bug.

Flags: needinfo?(streich.mobile)
You need to log in before you can comment on or make changes to this bug.