Open Bug 763930 Opened 10 years ago Updated 7 years ago
Review: Expose TCP Socket - Investigate restriction options - maybe via CSP . (nsi Content Policy check)
SecReview Action Item bug Investigate restriction options - maybe via CSP. (nsiContentPolicy check)
I am not sure what we want to do here. This definitely isn't base camp blocking, but it seems like for consistency, eventually we would want navigator.mozTCPSocket to respect the connect-src directive.
(In reply to Paul Theriault [:pauljt] from comment #1) > we would want navigator.mozTCPSocket to respect the connect-src > directive. +1 Also, mixed content blocker should block non-SSL TCP sockets in SSL contexts.
Taking me off this since I am not working on this atm (it would be great it someone was...)
Assignee: ptheriault → nobody
8 years ago
Assignee: nobody → dveditz
Why is this blocking bug 663566?
Dunno, better question for bsmith. Given the summary I can see the desire to show some sort of tie to CSP, but it's clearly not part of the work required to implement the CSP 1.0 standard.
Assignee: dveditz → nobody
No longer blocks: csp-w3c-1.0
You need to log in before you can comment on or make changes to this bug.