Closed
Bug 673645
Opened 13 years ago
Closed 13 years ago
CSP needs object URL support
Categories
(Core :: DOM: Core & HTML, enhancement)
Core
DOM: Core & HTML
Tracking
()
RESOLVED
INVALID
People
(Reporter: sephr, Unassigned)
References
(Blocks 1 open bug)
Details
Since the object URL scheme is implementation specific (e.g. moz-filedata:{GUID} in Firefox, blob:{origin}{GUID} in WebKit), CSP needs special functionality for object URLs. Note that object URLs are not always purely user generated content, and is often generated by the application (e.g. to save a <canvas> image) as a more efficient alternative to data: URLs.
Updated•13 years ago
|
Severity: normal → enhancement
Status: UNCONFIRMED → NEW
Component: Security → DOM: Core & HTML
Ever confirmed: true
QA Contact: toolkit → general
Reporter | ||
Comment 1•13 years ago
|
||
I think it should stay being treated as from 'self' as per this discussion (https://groups.google.com/d/topic/mozilla.dev.security/rTLr3IymiSk/discussion), and I should not have filed this bug.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•