Closed Bug 1656212 Opened 11 months ago Closed 10 months ago

Enable sandbox="allow-downloads"

Categories

(Core :: DOM: Security, enhancement, P2)

enhancement

Tracking

()

RESOLVED FIXED
82 Branch
Tracking Status
firefox82 --- fixed

People

(Reporter: sstreich, Assigned: sstreich)

References

(Blocks 1 open bug)

Details

(Keywords: dev-doc-complete, Whiteboard: [domsecurity-active])

Attachments

(1 file)

Currently we do have the sandbox flag "allow-downloads" implemented, but the corresponding pref is only enabled for nightly users.
The current implementation passes the wpt tests and matches chrome current behaviour. Chrome/Edge already shipped this flag - so i would like to flip the pref on by default and let it ride the trains.

Assignee: nobody → sstreich
Status: NEW → ASSIGNED
Priority: -- → P2
Whiteboard: [domsecurity-active]

Unable to land this due to:
Reason:
We're sorry, Lando could not rebase your commits for you automatically. Please manually rebase your commits and try again.

hg error in cmd: hg import --no-commit -s 95 /tmp/tmpm8cppcyg: applying /tmp/tmpm8cppcyg

patching file modules/libpref/init/StaticPrefList.yaml
Hunk #1 FAILED at 1522
1 out of 1 hunks FAILED -- saving rejects to file modules/libpref/init/StaticPrefList.yaml.rej
abort: patch failed to apply

Flags: needinfo?(sstreich)

rebased it, should work now :)

Flags: needinfo?(sstreich)
Pushed by nerli@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/59fa8588ebc6
Flip dom.block_download_in_sandboxed_iframes to true r=ckerschb,lonnen
Status: ASSIGNED → RESOLVED
Closed: 10 months ago
Resolution: --- → FIXED
Target Milestone: --- → 82 Branch

I've updated BCD and checked that the iframe page is correct.

You need to log in before you can comment on or make changes to this bug.