Closed Bug 835288 Opened 12 years ago Closed 12 years ago

Marketplace package validator doesn't allow inline script tags in html files

Categories

(Marketplace Graveyard :: Validation, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED WORKSFORME

People

(Reporter: ziel.leo, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.56 Safari/537.17 Steps to reproduce: We've built a package with HERE Maps. Some of the html files (index.html and welcome.html) contain inline scripts. Actual results: Accordingly to Thomas Elin, he wasn't able to upload the package to the market place due to the Marketplace package validator. He had to move out the inline scripts to separate files. Expected results: We don't see the point why the validator wouldn't validate inline scripts.
We now show warnings for inline script tags that violate the CSP in web apps and errors for inline script tags that violate the CSP in privileged apps. The simulator can be deceiving because it has more relaxed permissions than B2G, so this kind of confusion can occur.
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.