Closed Bug 1667333 Opened 29 days ago Closed 26 days ago

Remove unecessary prefs for mime type checking

Categories

(Core :: DOM: Security, task, P3)

task

Tracking

()

RESOLVED FIXED
83 Branch
Tracking Status
firefox83 --- fixed

People

(Reporter: ckerschb, Assigned: ckerschb)

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 file)

Fighting preference fatigue; we have 3 prefs for mime type checking

  • security.block_script_with_wrong_mime (set to true July 2019)
  • security.block_importScripts_with_wrong_mime (set to true July 2019)
  • security.block_Worker_with_wrong_mime (set to true July 2020)

The first two have been set to true for over a year now, the third one only for ~2 months. I think we can remove the first two at this point.

Tom, since you added those, any objections to removing the first 2 prefs?
I think we should keep the third one for a while and maybe remove it early next year.

Flags: needinfo?(evilpies)

Sounds good to me. From my testing with http://wpt.live/workers/Worker_script_mimetype.htm Chrome doesn't even block Workers in the their release build yet. So we definitely need to keep the pref.

Flags: needinfo?(evilpies)
Pushed by cbrindusan@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/9c47bca207be
Remove unecessary prefs for mime type checking r=necko-reviewers,evilpie,valentin
Status: ASSIGNED → RESOLVED
Closed: 26 days ago
Resolution: --- → FIXED
Target Milestone: --- → 83 Branch
You need to log in before you can comment on or make changes to this bug.