Closed Bug 805136 Opened 7 years ago Closed 7 years ago

New nsMixedContentBlocker doesn't block redirects from https -> http

Categories

(Core Graveyard :: Security: UI, defect, major)

defect
Not set
major

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 418354

People

(Reporter: mayhemer, Unassigned)

Details

And I believe it should.  Hard to say how to implement this in an elegant way.
Looks like we should get call to ShouldLoad from CSPService::AsyncOnChannelRedirect to be able to veto the new channel load but that method fails to get nsIChannelPolicy from the old channel's property...

Could that be a bug?
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 418354
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.