Closed Bug 1627235 Opened 5 years ago Closed 5 years ago

Investigate CSP for images loaded as iframe

Categories

(Core :: DOM: Security, task, P2)

Product:
Core
Component:
DOM: Security
Type:
task

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla77
Tracking Flags:
Tracking Status
firefox77 --- fixed

People

(Reporter: ckerschb, Assigned: ckerschb)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 file)

Bug 1627235: Test CSP for images loaded as iframe. r=smaug
47 bytes, text/x-phabricator-request
Details | Review

Let's investigate images loaded as iframe, e.g.

<iframe src="someimage.png">

Now that we add carve outs for images within Bug 1262842, we should investigate that scenario.

That change and test was incorporated within Bug 1262842. Hence I'll mark this bug as a duplicate.

Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → DUPLICATE

Let's reopen that bug and make it block Bug 1262842, because Bug 1262842 should not change that behavior.

Assignee: nobody → ckerschb
Blocks: 1262842
Status: RESOLVED → REOPENED
Type: defect → task
No longer depends on: 1262842
Priority: -- → P2
Resolution: DUPLICATE → ---
Whiteboard: [domsecurity-active]
Pushed by rgurzau@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/a078205d24aa Test CSP for images loaded as iframe. r=smaug

https://hg.mozilla.org/mozilla-central/rev/a078205d24aa

Status: REOPENED → RESOLVED
Closed: 5 years ago5 years ago
status-firefox77: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla77
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: