explain workaround for missing security.csp.enable pref
Categories
(Core :: DOM: Security, defect)
Tracking
()
People
(Reporter: wf, Unassigned)
Details
https://bugzilla.mozilla.org/show_bug.cgi?id=1754301 switches off the stackoverflow solution https://stackoverflow.com/a/27324485/1497139 for a question that has 117 k views with out offering a similar simple solution developers.
I do not think security is increased by making things more complicated and offering a decent hiding of complexity like the old pref solution did.
Reporter | ||
Comment 1•2 years ago
|
||
not offering ... would have been the correct statement but it looks like this bug tracke doesn't let you edit comments.
Reporter | ||
Comment 2•2 years ago
|
||
https://www.reddit.com/r/firefox/comments/um15kh/securitycspenable_doesnt_work_anymore/ also has no answer that would hide the complexity
Reporter | ||
Comment 3•2 years ago
|
||
https://superuser.com/questions/1475857/how-can-i-add-an-exception-to-the-content-security-policy-in-firefox-56 points to Modheader which displays a message that you need to "upgrade to pro". I'd rather have the pre Firefox 99 functionaliy back and configure different browser settting than have to install an extension i have to pay for. It would be great if there would be a simple firefox built in functionality again.
Comment 4•2 years ago
|
||
Hi Wolfgang,
please do not file new bugs for something that already has a bug - in this case https://bugzilla.mozilla.org/show_bug.cgi?id=1754301.
We have laid out our reasons in that other bugs quite clearly. I'm happy to re-assess this in light of new arguments.
Reporter | ||
Comment 5•2 years ago
|
||
@freddy This is not the same bug. It's a followup issue. If the decision has been made there is a need as explained here which does not necessarily mean going back to the old state of affairs. Just a simple solution is IMHO needed - if the old solutions is that simple solution i am fine but i'd also accept any other viable approach.
Comment 6•2 years ago
|
||
I'm afraid you misunderstand. The other bug already has those suggestions in comment 10. It's not great use of any of our time to open new bugs for existing discussions.
Reporter | ||
Comment 7•2 years ago
|
||
The reason for this new bug is exactly that comment with the following up comment 11 which does not lead to a simple problem solution. This bug is about the need for improved simplicity as a followup problem of removing the simplicity for other reasons. I want the simplicity back not necessary the old solution. This bug is a about a problem/need not about a solution discussion as the other bug was.
Description
•