ORB, aka CORB++ (blocking all the "no-cors" cross-origin responses possible)
Categories
(Core :: DOM: Networking, enhancement, P3)
Tracking
()
Fission Milestone | Future |
People
(Reporter: annevk, Unassigned)
References
(Depends on 20 open bugs, Blocks 4 open bugs, )
Details
(Whiteboard: [necko-triaged][spectre-blocker])
Attachments
(11 obsolete files)
This is a tracking issue to see if we can create a filter that only lets "no-cors" cross-origin media (audio, image, video), CSS, and JavaScript enter the content process.
This is similar to Chrome's CORB, except safelist rather than blocklist-based.
Updated•6 years ago
|
Reporter | ||
Comment 1•6 years ago
|
||
https://github.com/whatwg/fetch/issues/721#issuecomment-470126129 has a more detailed sketch of this filter.
Reporter | ||
Updated•6 years ago
|
Updated•6 years ago
|
Reporter | ||
Updated•5 years ago
|
Comment 2•4 years ago
|
||
Fission Future because Nika says this doesn't block shipping Fission MVP.
Reporter | ||
Updated•4 years ago
|
Comment 3•4 years ago
|
||
Comment 4•4 years ago
|
||
Updated•4 years ago
|
Comment 5•4 years ago
|
||
Comment 6•4 years ago
|
||
Updated•4 years ago
|
Comment 7•4 years ago
|
||
This is needed to be putting into "opaque-safelisted requesters set" in ORB
(https://github.com/annevk/orb).
Depends on D102447
Comment 8•4 years ago
|
||
Depends on D105322
Comment 9•4 years ago
|
||
Depends on D102448
Comment 10•4 years ago
|
||
Comment 11•4 years ago
|
||
Comment 12•4 years ago
|
||
This implements the changes in https://github.com/annevk/orb/pull/16/files#diff-b335630551682c19a781afebcf4d07bf978fb1f8ac04c6bf87428ed5106870f5
Updated•4 years ago
|
Updated•4 years ago
|
Updated•4 years ago
|
Comment 13•4 years ago
|
||
Comment on attachment 9199216 [details]
Bug 1532642 - Add a pref for ORB and disable it by default;
Revision D102388 was moved to bug 1696111. Setting attachment 9199216 [details] to obsolete.
Comment 14•4 years ago
|
||
Comment on attachment 9199217 [details]
Bug 1532642 - Add functions to determine opaque-safelisted MIME type, opaque-blocklisted MIME type and opaque-blocklisted-never-sniffed MIME type;
Revision D102447 was moved to bug 1696111. Setting attachment 9199217 [details] to obsolete.
Comment 15•4 years ago
|
||
Comment on attachment 9199218 [details]
Bug 1532642 - ORB core Implementation;
Revision D102448 was moved to bug 1696111. Setting attachment 9199218 [details] to obsolete.
Comment 16•4 years ago
|
||
Comment on attachment 9206287 [details]
Bug 1532642 - Extract the code for parsing range header string out and use it later;
Revision D106889 was moved to bug 1696111. Setting attachment 9206287 [details] to obsolete.
Comment 17•4 years ago
|
||
Comment on attachment 9206290 [details]
Bug 1532642 - Make LoadInfo know if the request is triggered from a media element and if it's an initial request;
Revision D106890 was moved to bug 1696111. Setting attachment 9206290 [details] to obsolete.
Comment 18•4 years ago
|
||
Comment on attachment 9206291 [details]
Bug 1532642 - Sniff and check the initial media request and allow its subsequent requests;
Revision D106891 was moved to bug 1696111. Setting attachment 9206291 [details] to obsolete.
Comment 19•4 years ago
|
||
Comment on attachment 9199219 [details]
Bug 1532642 - Enable the pref for ORB on Nightly;
Revision D102449 was moved to bug 1696111. Setting attachment 9199219 [details] to obsolete.
Updated•4 years ago
|
Comment 20•3 years ago
|
||
Hi Anne! Should the title here be changed from CORB++
to ORB
to be consistent with https://github.com/annevk/orb ?
Reporter | ||
Updated•3 years ago
|
Updated•3 years ago
|
Comment 21•2 years ago
|
||
Updated•2 years ago
|
Updated•2 years ago
|
Updated•2 years ago
|
Updated•2 years ago
|
Updated•2 years ago
|
Updated•1 year ago
|
Updated•1 year ago
|
Description
•