Closed
Bug 793851
Opened 12 years ago
Closed 12 years ago
Create appropriate CSP warnings in the app validator
Categories
(addons.mozilla.org Graveyard :: Add-on Validation, defect)
addons.mozilla.org Graveyard
Add-on Validation
Tracking
(Not tracked)
RESOLVED
FIXED
2012-11-15
People
(Reporter: basta, Assigned: basta)
References
Details
- Warn on explicit script tag creation - Warn on any JavaScript URIs - Warn on HTML event handling - Better eval(), setTimeout(), setInterval() messages - Better Function() support - Warn on data URI use - Error on XBL usage
Updated•12 years ago
|
Target Milestone: --- → 2012-11-15
Assignee | ||
Comment 1•12 years ago
|
||
We don't handle data URIs because they can't be accurately detected. XBL also isn't a thing we need to be concerned about at the moment. Waiting for a review: https://github.com/mattbasta/app-validator/commit/b0f3572583a9b43ae2d1a0d8d08e053851a7e59e
Assignee | ||
Comment 2•12 years ago
|
||
Merged: https://github.com/mozilla/zamboni/commit/a89f1a6095dca09f445b06a022d1ae44207dec14
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Updated•8 years ago
|
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•