Open Bug 1597606 Opened 3 months ago Updated 3 months ago

CSP errors on the lego website when fission enabled

Categories

(Core :: DOM: Security, defect, P1)

72 Branch
defect

Tracking

()

ASSIGNED
Webcompat Priority ?
Fission Milestone M5
Tracking Status
firefox70 --- unaffected
firefox71 --- unaffected
firefox72 --- fixed

People

(Reporter: karlcow, Assigned: ckerschb)

References

(Blocks 1 open bug, Regression, )

Details

(Keywords: regression, Whiteboard: [domsecurity-active])

  1. Go to https://www.lego.com/en-de/categories/holiday-gifts-eu
  2. See some content appear,
  3. then a big popover appears where you have to make a choice,
  4. click on the left side.

Expected:
View a list of products

Actual:
Content is now gone and appears to infinitely load.

mozregression --bad 2019-11-05 --good 2019-10-21

and here we are
10:52.75 INFO: Last good revision: d9d678e7422e0fbf84160b6060452910e8deeb33
10:52.75 INFO: First bad revision: e21ad27bfd0a2fef90919101eaef5aa5af1cc6c2
10:52.75 INFO: Pushlog:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=d9d678e7422e0fbf84160b6060452910e8deeb33&tochange=e21ad27bfd0a2fef90919101eaef5aa5af1cc6c2

I'll take a look.

Assignee: nobody → ckerschb
Status: NEW → ASSIGNED
Priority: -- → P1
Whiteboard: [domsecurity-active]
Fission Milestone: --- → M5

What's our plan here for 72?

Flags: needinfo?(ckerschb)

(In reply to Jim Mathies [:jimm] from comment #2)

What's our plan here for 72?

Oh sorry I didn't leave any message within this bug. I just re-tested this problem with the patch from Bug 1593832 applied - the problem disappears. Once Bug 1593832 is merged, I'll re-verify it still works correctly and then mark this as a dup, or convert to a fission bug.

Flags: needinfo?(ckerschb)
See Also: → 1593832

Summary update:

  • The specific problem described in this Bug was fixed by Bug 1593832, hence marking it as fixed for FF72.
  • There remains a problem when fission enabled though
Summary: CSP errors on the lego website (Regressed by Make CSP frame-ancestors work with fission enabled) → CSP errors on the lego website when fission enabled
You need to log in before you can comment on or make changes to this bug.