Closed Bug 1588394 Opened 5 years ago Closed 1 year ago

CSP error message has unfilled template fields

Categories

(Core :: DOM: Security, defect, P3)

defect

Tracking

()

RESOLVED WORKSFORME

People

(Reporter: heycam, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-backlog1])

Visit https://www.bromleyandco.com/events.html. There is an iframe that shows a CSP error page with the message:

Blocked by Content Security Policy

An error occurred during a connection to my.matterport.com. {$errorMessage}

The frame has both X-Frame-Options: and a CSP with "frame-ancestors" -- it does not want to be framed! Maybe the error text got broken in the translation to fluent for localization.

Blocks: csp-w3c-3
Priority: -- → P3
Whiteboard: [domsecurity-backlog1]
Severity: normal → S3

The website seems to work now.

Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.