Remove obsolete comments about inadequacy of LoadTainting
Categories
(Core :: DOM: Security, defect)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox101 | --- | fixed |
People
(Reporter: karlt, Assigned: karlt)
References
Details
Attachments
(1 file)
|
(deleted),
text/x-phabricator-request
|
Details |
tainting has been set with AsyncOpen2() since https://hg.mozilla.org/integration/mozilla-inbound/rev/989bbde310f5#l6.74 and AsyncOpen() was removed for bug 1520868.
The advice about checking final URL and CORS mode is misleading because the URL and CORS mode of an nsIHttpChannelInternal will reflect the URL and CORS mode of the request, which may differ from those of a ServiceWorker-synthesized Response, with null URL for example.
+++ This bug was initially created as a clone of Bug #1226909 +++
|
Assignee | |
Comment 1•3 years ago
|
||
tainting has been set with AsyncOpen2() since
https://hg.mozilla.org/integration/mozilla-inbound/rev/989bbde310f5#l6.74
and AsyncOpen() was removed for
https://bugzilla.mozilla.org/show_bug.cgi?id=1520868
The advice about checking final URL and CORS mode is misleading because the
URL and CORS mode of an nsIHttpChannelInternal will reflect the URL and CORS
mode of the request, which may differ from those of a
ServiceWorker-synthesized Response, with null URL for example.
|
||
Comment 3•3 years ago
|
||
| bugherder | ||
Description
•