Open
Bug 968586
(csp-w3c-2)
Opened 10 years ago
Updated 1 year ago
[meta] Implement Content Security Level 2 per the W3C standard
Categories
(Core :: DOM: Security, enhancement, P3)
Tracking
()
ASSIGNED
People
(Reporter: grobinson, Assigned: ckerschb)
References
(Depends on 6 open bugs, Blocks 1 open bug, )
Details
(Keywords: meta, Whiteboard: [domsecurity-meta])
Track work needed to bring Gecko to conformance with the CSP 1.1 spec currently being developed.
|
Reporter | |
Updated•10 years ago
|
|
||
Comment 1•10 years ago
|
||
I'm not sure that this should depend on the XSS filter bug - that doesn't need to be fixed for Gecko to be CSP 1.1 compliant, more that if Gecko had one, it would need to honor the reflected-xss directive.
|
||
Updated•10 years ago
|
Alias: csp-w3c-1.1
|
|
||
Updated•10 years ago
|
Component: Security → DOM: Security
|
|
||
Updated•9 years ago
|
Keywords: meta
Summary: Implement Content Security Policy 1.1 per the W3C standard → Implement Content Security Policy 1.1 (Level 2) per the W3C standard
|
||
Updated•9 years ago
|
Alias: csp-w3c-1.1 → csp-w3c-2
Summary: Implement Content Security Policy 1.1 (Level 2) per the W3C standard → Implement Content Security Level 2 per the W3C standard
|
Assignee | |
Updated•9 years ago
|
Depends on: CVE-2016-2816
|
|
Assignee | |
Updated•8 years ago
|
Whiteboard: [domsecurity-meta]
|
|
Assignee | |
Updated•8 years ago
|
Assignee: nobody → ckerschb
Status: NEW → ASSIGNED
|
||
Updated•6 years ago
|
Depends on: CVE-2020-12391
|
||
Updated•6 years ago
|
Priority: -- → P3
|
||
Updated•6 years ago
|
Summary: Implement Content Security Level 2 per the W3C standard → [meta] Implement Content Security Level 2 per the W3C standard
|
|
||
Updated•5 years ago
|
Type: defect → enhancement
|
||
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•