Open
Bug 968586
(csp-w3c-2)
Opened 11 years ago
Updated 2 years ago
[meta] Implement Content Security Level 2 per the W3C standard
Categories
(Core :: DOM: Security, enhancement, P3)
Tracking
()
ASSIGNED
People
(Reporter: grobinson, Assigned: ckerschb)
References
(Depends on 6 open bugs, Blocks 1 open bug, )
Details
(Keywords: meta, Whiteboard: [domsecurity-meta])
Track work needed to bring Gecko to conformance with the CSP 1.1 spec currently being developed.
Reporter | ||
Updated•11 years ago
|
Comment 1•11 years ago
|
||
I'm not sure that this should depend on the XSS filter bug - that doesn't need to be fixed for Gecko to be CSP 1.1 compliant, more that if Gecko had one, it would need to honor the reflected-xss directive.
Updated•11 years ago
|
Alias: csp-w3c-1.1
Updated•11 years ago
|
Component: Security → DOM: Security
Updated•10 years ago
|
Keywords: meta
Summary: Implement Content Security Policy 1.1 per the W3C standard → Implement Content Security Policy 1.1 (Level 2) per the W3C standard
Updated•10 years ago
|
Alias: csp-w3c-1.1 → csp-w3c-2
Summary: Implement Content Security Policy 1.1 (Level 2) per the W3C standard → Implement Content Security Level 2 per the W3C standard
Assignee | ||
Updated•9 years ago
|
Depends on: CVE-2016-2816
Assignee | ||
Updated•9 years ago
|
Whiteboard: [domsecurity-meta]
Assignee | ||
Updated•8 years ago
|
Assignee: nobody → ckerschb
Status: NEW → ASSIGNED
Updated•7 years ago
|
Depends on: CVE-2020-12391
Updated•6 years ago
|
Priority: -- → P3
Updated•6 years ago
|
Summary: Implement Content Security Level 2 per the W3C standard → [meta] Implement Content Security Level 2 per the W3C standard
Updated•6 years ago
|
Type: defect → enhancement
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•