Bogus security error when attaching a bindings with userContent.css

RESOLVED FIXED

Status

()

P2
normal
RESOLVED FIXED
10 years ago
10 years ago

People

(Reporter: dao, Assigned: sicking)

Tracking

({fixed1.9.0.9, fixed1.9.1, regression})

Trunk
fixed1.9.0.9, fixed1.9.1, regression
Points:
---
Dependency tree / graph
Bug Flags:
blocking1.9.1 +
blocking1.9.0.9 +
wanted1.9.0.x +

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: required by 481558)

(Reporter)

Description

10 years ago
useContent.css:
a[target="_blank"], a[target="_new"] {
  -moz-binding: url(userBindings.xml#no_blank);
}

The warning on any page that uses target=_blank:
Security Error: Content at https://bugzilla.mozilla.org/show_bug.cgi?id=470250 may not load or link to file:///path/to/Firefox/Profiles/qg976eyf.trunk/chrome/userContent.css.

Bug 481558 comment 44 et seq.:
> userContent.css should probably be considered a UA stylesheet, too. Apparently
> it's not currently:
> http://forums.mozillazine.org/viewtopic.php?p=5981365#p5981365

> It is.  That's an unfortunate side-effect of using CheckLoadURI here: it always
> warns.  That sucks.  :(

> I was worried about that, but didn't see any error-reporting code on a quick
> scan. Apparently I missed it :(
(Reporter)

Updated

10 years ago
Summary: Bogus security warning when attaching a bindings with userContent.css → Bogus security error when attaching a bindings with userContent.css
Flags: wanted1.9.0.x+
Flags: blocking1.9.1?
Flags: blocking1.9.0.8+
Whiteboard: required by 481558

Updated

10 years ago
Duplicate of this bug: 483340
Assignee: nobody → jonas
Flags: blocking1.9.1? → blocking1.9.1+
Priority: -- → P2
Fixed by patch in bug 483170
Status: NEW → RESOLVED
Last Resolved: 10 years ago
Resolution: --- → FIXED
Flags: blocking1.9.0.8+
Sorry about the bugspam. Was thinking we didn't need to "block" since the fix is elsewhere and I could save the bogus "fixed" keywords here, but we really do want QA to verify that this regression doesn't happen, so back on the blocking list.
Flags: blocking1.9.0.8+
(Reporter)

Updated

10 years ago
Keywords: fixed1.9.0.8, fixed1.9.1
You need to log in before you can comment on or make changes to this bug.