Closed
Bug 1777164
Opened 2 years ago
Closed 2 years ago
Sanitizer API: setHTML should require a SecureContext just like the Sanitizer constructor
Categories
(Core :: DOM: Security, defect, P3)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
104 Branch
Tracking | Status | |
---|---|---|
firefox104 | --- | fixed |
People
(Reporter: freddy, Assigned: freddy)
References
Details
(Whiteboard: [domsecurity-active] )
Attachments
(1 file)
The Sanitizer constructor requires a SecureContext
https://bugzilla.mozilla.org/show_bug.cgi?id=1716624 introduced setHTML
, which does not.
This bug will align them to both require a SecureContext.
Assignee | ||
Comment 1•2 years ago
|
||
Comment 2•2 years ago
|
||
The severity field is not set for this bug.
:freddy, could you have a look please?
For more information, please visit auto_nag documentation.
Flags: needinfo?(fbraun)
Assignee | ||
Updated•2 years ago
|
Severity: -- → S3
Flags: needinfo?(fbraun)
Pushed by fbraun@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/de437faa8094 require SecureContext for setHTML r=emilio
Comment 4•2 years ago
|
||
Backed out for causing failures on sanitizer-insecure-context.html
Backout link
Push with failures
Link to failure log
Failure line :
TEST-UNEXPECTED-PASS | /sanitizer-api/sanitizer-insecure-context.html | Sanitizer API in an insecure context. - expected FAIL
Flags: needinfo?(fbraun)
Pushed by fbraun@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/963d3262c9a4 require SecureContext for setHTML r=emilio
Comment 6•2 years ago
|
||
bugherder |
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
status-firefox104:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 104 Branch
Assignee | ||
Updated•2 years ago
|
Flags: needinfo?(fbraun)
You need to log in
before you can comment on or make changes to this bug.
Description
•