Closed
Bug 1567059
Opened 5 years ago
Closed 5 years ago
Write test to ensure bookmarklets are not subject to CSP after making javascript: loads subject to target document's CSP
Categories
(Core :: DOM: Security, task, P1)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
mozilla70
Tracking | Status | |
---|---|---|
firefox70 | --- | fixed |
People
(Reporter: ckerschb, Assigned: sstreich)
References
Details
(Whiteboard: [domsecurity-active])
Attachments
(1 file)
(deleted),
text/x-phabricator-request
|
Details |
As a follow up to Bug 1478037 and also Bug 1555043 we should ensure that bookmarklets are not subject to the target's document CSP.
Reporter | ||
Updated•5 years ago
|
Priority: -- → P1
Whiteboard: [domsecurity-active]
Reporter | ||
Comment 1•5 years ago
|
||
Sebastian said he can help me out writing that test.
Assignee: ckerschb → streich.mobile
Assignee | ||
Comment 2•5 years ago
|
||
Assignee | ||
Updated•5 years ago
|
Keywords: checkin-needed
Pushed by ncsoregi@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/fce57acf9348
Add test for CSP and Bookmarklet interaction r=ckerschb,bzbarsky
Keywords: checkin-needed
Comment 4•5 years ago
|
||
bugherder |
Status: ASSIGNED → RESOLVED
Closed: 5 years ago
status-firefox70:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla70
You need to log in
before you can comment on or make changes to this bug.
Description
•