Closed Bug 1699658 Opened 4 years ago Closed 3 years ago

Non-https secure contexts are shown as insecure for PDFs

Categories

(Firefox :: Site Identity, defect, P2)

Product:
Firefox
Component:
Site Identity
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
100 Branch
Tracking Flags:
Tracking Status
firefox100 --- fixed

People

(Reporter: emz, Assigned: emz)

References

Details

Attachments

(2 files)

Bug 1699658 - Add test for PDF viewer site identity security state. r=Gijs!
48 bytes, text/x-phabricator-request
Details | Review
Bug 1699658 - Special handling for siteIdentity security state of pdf viewer pages. r=Gijs!,ckerschb!
48 bytes, text/x-phabricator-request
Details | Review

For Bug 1667965 we decided to not check isSecureContext for the PDF viewer. That's because the field will always be true for the PDF viewer case. Details here: https://bugzilla.mozilla.org/show_bug.cgi?id=1667965#c8

We should update the code that sets isSecureContext to be correct for PDFs and remove the band-aid we added in Bug 1667965.
This might involve changing the principal of pdf.js, see Bug 1686200.

Assignee: nobody → pbz
Status: NEW → ASSIGNED
Priority: P3 → P2
Pushed by pzuhlcke@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/082d90675f7a Add test for PDF viewer site identity security state. r=Gijs https://hg.mozilla.org/integration/autoland/rev/7e763b88d0dd Special handling for siteIdentity security state of pdf viewer pages. r=Gijs,ckerschb

https://hg.mozilla.org/mozilla-central/rev/082d90675f7a
https://hg.mozilla.org/mozilla-central/rev/7e763b88d0dd

Status: ASSIGNED → RESOLVED
Closed: 3 years ago
status-firefox100: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 100 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: