Closed Bug 1259648 Opened 9 years ago Closed 9 years ago

CSP policy does not work in fetch() in dedicated worker.

Tracking

()

Status:

RESOLVED DUPLICATE of bug 959388

People

(Reporter: tnguyen, Unassigned)

References

Details

(Whiteboard: [domsecurity-backlog])

Thomas Nguyen (:tnguyen)

Reporter

Description

•

9 years ago

This test hits this issue: <https://dxr.mozilla.org/mozilla-central/source/testing/web-platform/tests/fetch/api/policies/csp-blocked-worker.html> What happens is the document is served with a CSP that sets "connect-src 'none'", Interestingly, nsCSPContext does not add any policy to mPolicies. There's no csp policy checks running and the test case fails.

Thomas Nguyen (:tnguyen)

Reporter

Updated

•

9 years ago

Summary: CSP policy does not work in fetch in dedicated worker. → CSP policy does not work in fetch() in dedicated worker.

Thomas Nguyen (:tnguyen)

Reporter

Updated

•

9 years ago

Blocks: 1251378

Thomas Nguyen (:tnguyen)

Reporter

Updated

•

9 years ago

No longer blocks: 1251378

Thomas Nguyen (:tnguyen)

Reporter

Updated

•

9 years ago

Blocks: 1251378

Christoph Kerschbaumer [:ckerschb]

Updated

•

9 years ago

Whiteboard: [domsecurity-backlog]

Thomas Nguyen (:tnguyen)

Reporter

Updated

•

9 years ago

Status: NEW → RESOLVED

Closed: 9 years ago

Resolution: --- → DUPLICATE

You need to log in before you can comment on or make changes to this bug.

Bugzilla

CSP policy does not work in fetch() in dedicated worker.

Categories

(Core :: DOM: Security, defect)

Tracking

()

People

(Reporter: tnguyen, Unassigned)

References

Details

(Whiteboard: [domsecurity-backlog])

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated

Updated

Updated

Updated