Closed Bug 805136 Opened 12 years ago Closed 12 years ago

New nsMixedContentBlocker doesn't block redirects from https -> http

Tracking

(Not tracked)

Status:

RESOLVED DUPLICATE of bug 418354

People

(Reporter: mayhemer, Unassigned)

Details

Honza Bambas (:mayhemer)

Reporter

Description

•

12 years ago

And I believe it should. Hard to say how to implement this in an elegant way.

Honza Bambas (:mayhemer)

Reporter

Comment 1

•

12 years ago

Looks like we should get call to ShouldLoad from CSPService::AsyncOnChannelRedirect to be able to veto the new channel load but that method fails to get nsIChannelPolicy from the old channel's property... Could that be a bug?

Brian Smith (:briansmith, :bsmith, use NEEDINFO?)

Updated

•

12 years ago

Status: NEW → RESOLVED

Closed: 12 years ago

Resolution: --- → DUPLICATE

Nobody; OK to take it and work on it

Assignee

Updated

•

8 years ago

Product: Core → Core Graveyard

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

New nsMixedContentBlocker doesn't block redirects from https -> http

Categories

(Core Graveyard :: Security: UI, defect)

Tracking

(Not tracked)

People

(Reporter: mayhemer, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Comment 1

Updated

Updated