Closed Bug 1944536 Opened 1 month ago Closed 1 month ago

Use a more restrictive CSP for the Page Info window

Categories

(Firefox :: Page Info Window, task, P1)

Product:
Firefox
Component:
Page Info Window
Type:
task

Tracking

()

Status:
RESOLVED FIXED
Milestone:
137 Branch
Tracking Flags:
Tracking Status
firefox137 --- fixed

People

(Reporter: tschuster, Assigned: tschuster)

References

Details

Attachments

(1 file)

Bug 1944536 - Use a more restrictive CSP for the Page Info window. r?Gijs
48 bytes, text/x-phabricator-request
Details | Review

The CSP I added in bug 1939592 only restricts scripts, but with bug 1940273 I want to make sure all our CSPs at least have a default-src chrome: directive. For the Page Info window this probably means we need to add exceptions for images and media (and stylesheets).

Assignee: nobody → tschuster
Attachment #9462560 - Attachment description: WIP: Bug 1944536 - Use a more restrictive CSP for the Page Info window → Bug 1944536 - Use a more restrictive CSP for the Page Info window. r?Gijs
Severity: -- → N/A
Priority: -- → P1
Pushed by tschuster@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/98419db2ba20 Use a more restrictive CSP for the Page Info window. r=Gijs

https://hg.mozilla.org/mozilla-central/rev/98419db2ba20

Status: NEW → RESOLVED
Closed: 1 month ago
status-firefox137: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 137 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: