Closed Bug 1627235 Opened 2 years ago Closed 2 years ago

Investigate CSP for images loaded as iframe

Categories

(Core :: DOM: Security, task, P2)

task

Tracking

()

RESOLVED FIXED
mozilla77
Tracking Status
firefox77 --- fixed

People

(Reporter: ckerschb, Assigned: ckerschb)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 file)

Let's investigate images loaded as iframe, e.g.

<iframe src="someimage.png">

Now that we add carve outs for images within Bug 1262842, we should investigate that scenario.

That change and test was incorporated within Bug 1262842. Hence I'll mark this bug as a duplicate.

Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1262842

Let's reopen that bug and make it block Bug 1262842, because Bug 1262842 should not change that behavior.

Assignee: nobody → ckerschb
Blocks: 1262842
Status: RESOLVED → REOPENED
Type: defect → task
No longer depends on: 1262842
Priority: -- → P2
Resolution: DUPLICATE → ---
Whiteboard: [domsecurity-active]
Pushed by rgurzau@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/a078205d24aa
Test CSP for images loaded as iframe. r=smaug
Status: REOPENED → RESOLVED
Closed: 2 years ago2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla77
You need to log in before you can comment on or make changes to this bug.