792161 - Improve CSP errors and warnings

Status: RESOLVED FIXED

(Core :: Security, defect)

Description

[Mark Goodwin [:mgoodwin]]

The CSP errors and warnings are currently a mess.

Some work has been done on this by l10n already (see comments in bug 770176) but it may be worth waiting until the CSP 1.0 work is complete before we finalize any changes.

Comment 1

[Ian Melven :imelven]

I think this should block our 1.0 compliant implementation, we have to have good messages etc for developers to be able to use CSP effectively in Firefox.

Mark, in your opinion, does this bug also cover correctly localizing everything that we want to ship for our 1.0 implementation ? :)

Comment 2

[Mark Goodwin [:mgoodwin]]

(In reply to Ian Melven :imelven from comment #1)
> Mark, in your opinion, does this bug also cover correctly localizing
> everything that we want to ship for our 1.0 implementation ? :)

I'm fine with this interpretation; the question I have is how do we arrange this? If we put work-in-progress in the properties files we run the risk of the localizers working on thing subject to change. Is there a standard way of marking something as a placeholder?

Comment 3

[Frederik Braun [:freddy]]

Does this still apply given my work on bug 607067 and bug 909241?
Easiest way to test is probably to run the W3C tests in nightly and look at the messages in the console:
http://webappsec-test.info/web-platform-tests/CSP/

Comment 4

[Mark Goodwin [:mgoodwin]]

(In reply to Frederik Braun [:freddyb] from comment #3)
> Does this still apply given my work on bug 607067 and bug 909241?

No. Thanks freddyb