Open Bug 1706026 (policy-container) Opened 4 years ago Updated 4 months ago

Implement policy inheritance according to policy container

Categories

(Core :: DOM: Security, enhancement, P3)

Product:
Core
Component:
DOM: Security
Type:
enhancement

Tracking

()

People

(Reporter: antoniosartori, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-backlog1])

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_2_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36

Steps to reproduce:

This is an implementation bug tracking this PR on the html spec: https://github.com/whatwg/html/pull/6504

The PR introduces the concept of a policy container, and uses it to clarify inheritance to local schemes for Content Security Policy (as a first step).

It is likely that Firefox needs minor changes to adhere to that PR (see also the tests https://wpt.fyi/results/content-security-policy/inheritance?label=experimental&label=master&aligned). More work could be needed as we add more policies to the policy container.

Component: Untriaged → DOM: Security
Product: Firefox → Core
Version: Firefox 89 → Trunk
Severity: -- → S4
Status: UNCONFIRMED → NEW
Ever confirmed: true
Priority: -- → P3
Whiteboard: [domsecurity-backlog1]
Alias: policy-container
Summary: Adhere to policy inheritance according to policy container → Implement policy inheritance according to policy container
Blocks: 1741489
Blocks: 1830070
You need to log in before you can comment on or make changes to this bug.