Closed
Bug 1692241
Opened 4 years ago
Closed 2 years ago
Remove code in FetchDriver.cpp that sets Origin Header
Categories
(Core :: Networking, enhancement, P2)
Core
Networking
Tracking
()
RESOLVED
DUPLICATE
of bug 1605305
People
(Reporter: sstreich, Assigned: sstreich)
Details
(Whiteboard: [domsecurity-active][necko-triaged])
Attachments
(1 obsolete file)
In Bug 1605305 we added a new origin header implementation that that respects the current referrer.
This makes adding the Origin header in fetchdriver.cpp obsolete.
We can remove the code there, the only thing we need to address is to also allow the moz-extension:// scheme, otherwise we would regress Bug 1685570 again.
|
Assignee | |
Comment 1•4 years ago
|
||
|
||
Updated•4 years ago
|
Assignee: nobody → sstreich
Status: NEW → ASSIGNED
|
||
Comment 2•4 years ago
•
|
||
Please add a test for this. We should probably at least test a WebExtension with and without a host permission for that origin. Rob probably has a better idea which tests are required though.
|
||
Updated•4 years ago
|
Severity: -- → S3
Priority: -- → P3
Whiteboard: [domsecurity-active]
|
|
||
Updated•3 years ago
|
Assignee: sstreich → nobody
Severity: S3 → N/A
Status: ASSIGNED → NEW
Component: DOM: Security → Networking
Priority: P3 → --
|
||
Updated•3 years ago
|
Priority: -- → P2
Whiteboard: [domsecurity-active] → [domsecurity-active][necko-triaged]
|
|
||
Updated•2 years ago
|
Assignee: nobody → tschuster
Status: NEW → ASSIGNED
|
|
||
Updated•2 years ago
|
Attachment #9202629 -
Attachment is obsolete: true
|
||
Updated•2 years ago
|
Assignee: tschuster → sstreich
|
|
||
Comment 3•2 years ago
|
||
This change was part of the patch in bug 1605305.
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•